On Fri, Apr 05, 2019 at 12:28:18PM +0100, mick crane wrote:
[...]
probably I don't understand. What I'm mooting is who knows what
skillful cracker can get hold of your account credentials when
online. If user can't do root stuff on strength of their own
password then any malignant activity would be limited.
It's not about user/root as different /persons/, but as different
/roles/. I want to be able to "do" root on my box (and I want
everyone to have that possibility on their box). But I want to
be aware of /when/ I'm playing the root role.