Re: to allow root logins or not?

To: debian-user@lists.debian.org
Subject: Re: to allow root logins or not?
From: Linas Žvirblis <0x0007@gmail.com>
Date: Sat, 21 Apr 2007 22:51:48 +0300
Message-id: <[🔎] 462A6B54.9040702@gmail.com>
In-reply-to: <[🔎] 1177180501.3578.46.camel@princess.gregfolkert.net>
References: <[🔎] 1177102431.3090.36.camel@dogen.gateway.2wire.net> <[🔎] 20070421012536.GJ10498@titan> <[🔎] 462A1D49.8010303@gmail.com> <[🔎] 1177172512.26299.22.camel@princess.gregfolkert.net> <[🔎] 20070421164538.GA9761@titan> <[🔎] 1177176330.3578.19.camel@princess.gregfolkert.net> <[🔎] 462A4F2D.5050102@cox.net> <[🔎] 1177180501.3578.46.camel@princess.gregfolkert.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greg Folkert wrote:

>> Keyboard-only access (where the hardware is in a secure cage) when
>> the attacker does not know the root password leaves you in the same
>> position as if he were telneting in.
> 
> VERY FEW places do this anymore. And in any case I said "touch the
> keyboard and have physical access to the machines internals"

I do realize that you can break any security in a certain amount of
time, but that is really not the point. The point is that the installer
option is misleading. It says that it will disable root logins, and does
exactly the opposite - it enables passwordless root login.

I also strongly disagree that this is not a security concern. It is like
not locking your car because it is easy to break a window and open the
door from inside. After all, there is nothing you can do to prevent
someone from getting into your car if one can get near it.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGKmtRztOe9mov/y4RAqT2AJ9Fp14ISieBovkNbfQFdz09PVW0eACfesce
0/XJF9HmR47MDtkzy3/qq58=
=fv+z
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: to allow root logins or not?
  - From: Greg Folkert <greg@gregfolkert.net>

References:
- to allow root logins or not?
  - From: Default User <xyzzyx@sbcglobal.net>
- Re: to allow root logins or not?
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: to allow root logins or not?
  - From: Linas Žvirblis <0x0007@gmail.com>
- Re: to allow root logins or not?
  - From: Greg Folkert <greg@gregfolkert.net>
- Re: to allow root logins or not?
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: to allow root logins or not?
  - From: Greg Folkert <greg@gregfolkert.net>
- Re: to allow root logins or not?
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: to allow root logins or not?
  - From: Greg Folkert <greg@gregfolkert.net>

Prev by Date: Re: Hostname confusion!!
Next by Date: Re: security for a home system
Previous by thread: Re: to allow root logins or not?
Next by thread: Re: to allow root logins or not?
Index(es):
- Date
- Thread