
Re: [root user] How to disable root account?



On 11/25/05, Robert Brockway <rbrockway@opentrend.net> wrote:
> On Thu, 24 Nov 2005, Björn Lindström wrote:
>
> > passwd -l simply sets the password to a value matching no
> > passwords. sudo works by running SUID root, and so does not depend on a
> > root password in any way.
>
> Actually that depends on how sudo is configured.  In some configurations
> sudo does depend on the root password (rather than the user a/c password)
> for authentication.
>
> Anyone wanting to lock the root account (not a good idea IMHO) should have
> a root enabled session (sudo, su or whatever) put to the side and not
> touched during the procedure.  This session would be used only to reverse
> the procedure if it was found that establishing superuser privs was no
> longer possible in new sessions.
>
> Rob
>
> --
> Robert Brockway B.Sc.           Phone:  +1-416-669-3073
> Senior Technical Consultant     Email:  support@opentrend.net
> OpenTrend Solutions Ltd.        Web:    www.opentrend.net
> We are open 24x365 for technical support.  Call us in a crisis.
>

In the worst case, couldn't someone just boot from a livecd, run
[passwd root], then [cat /etc/shadow | grep root] on the livecd and
finally simply copy that entry into the locked-out system's shadow
file?

--
Cheers,
Maxim Vexler (hq4ever).

Do u GNU ?
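
The check the thread implies before running `passwd -l root`, as an added example that is not part of either poster's message: it reports whether root is already locked and whether sudoers enables `rootpw`, `targetpw` or `runaspw`, the settings under which sudo asks for the target account's password (root's, by default) instead of the invoking user's. The function names and the sample files are constructed for illustration; the scan is conservative and does not follow included sudoers files.

```shell
#!/bin/sh
# Added example: pre-flight check before `passwd -l root`. Function names are
# hypothetical; file paths are arguments so copies of the files can be inspected.

# root_locked SHADOW: succeeds if root's password field starts with "!" or "*".
root_locked() {
    field=$(awk -F: '$1 == "root" { print $2; exit }' "$1")
    case "$field" in
        '!'*|'*'*) return 0 ;;
        *) return 1 ;;
    esac
}

# sudo_needs_root_pw SUDOERS: succeeds if any Defaults line enables rootpw,
# targetpw or runaspw. Negated flags ("!rootpw") and comments are ignored.
# Conservative: one enabling line is enough, even if a later line negates it.
sudo_needs_root_pw() {
    awk '
        /^[ \t]*Defaults/ {
            sub(/#.*/, "")                               # drop trailing comment
            sub(/^[ \t]*Defaults[^ \t]*[ \t]*/, "")      # drop keyword and scope
            n = split($0, opt, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++)
                if (opt[i] ~ /^(rootpw|targetpw|runaspw)[ \t]*$/) found = 1
        }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# preflight SHADOW SUDOERS: prints a verdict; succeeds only if locking root
# leaves sudo authenticating with the invoking user's own password.
preflight() {
    if root_locked "$1"; then echo "root password is already locked"; fi
    if sudo_needs_root_pw "$2"; then
        echo "sudo is configured to ask for the target (root) password"
        return 1
    fi
    echo "sudo authenticates with the invoking user's password"
    return 0
}

# Constructed sample files, not taken from a real system.
demo=$(mktemp -d)
printf 'root:!constructedhash:13111:0:99999:7:::\n' > "$demo/shadow"
printf 'Defaults env_reset, rootpw\n%%admin ALL=(ALL) ALL\n' > "$demo/sudoers"
preflight "$demo/shadow" "$demo/sudoers" || true
rm -rf "$demo"
```

On a live system the arguments would be `/etc/shadow` and `/etc/sudoers`, read as root from the session that is being kept open.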
