[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [root user] How to disable root account?

On 12/1/05, Christian Folini <christian.folini@time-machine.ch> wrote:
> On Thu, 1 Dec 2005 09:24:28 -0600 Dave Sherohman wrote:
> > sudo is great for tracking who does what as root and for preventing
> > yourself from accidentally doing something with greater powers than
> > intended, but it can very easily be counterproductive if your intent
> > is to increase resistance to unauthorized access.
> The sudo/wheel approach is also a handy one when you want to update
> the root password regularly, but you do not want to  tell it to
> everyone. Say you work in an heterogenous enterprise with lots of
> admins having their unix workstation. They need root permissions on
> their desktop machine, but you do not want to distribute the root
> password (lacking the encrypted channel to reach everyone for example).
> Then you can add them to the wheel group and give them a root
> shell that way. Meanwhile you can update the root password
> without any problem.
> Ubuntu follows this road a bit further by setting a random root
> password nobody actually knows. This seems consequent to me. But
> having to explain to my boss why i do not know the root password of
> our linux workstations did not seem that attractive.

sudo passwd lets you set the root password of course. :-)


Reply to: