/etc/suauth

[Sean McMahon]

Perhaps the original poster could simply tell us where he obtained this
information.  Think we're talking about 2 different things here.
----- Original Message ----- 
From: "Adam Myrow" <amyrow at midsouth.rr.com>
To: "Speakup is a screen review system for Linux." <speakup at braille.uwo.ca>
Sent: Saturday, December 17, 2005 3:40 PM
Subject: re: /etc/suauth


> On Sat, 17 Dec 2005, Jude DaShiell wrote:
>
> > The analysis is flawed.  A machine with 99 user accounts on it and a root
> > account with only one line in /etc/suauth with one user account on it
> > presents a hacker with 98 decoys and one hackable account.  The hacker has
to
> > go to the trouble of stealing a user account password not a root account
> > password and that is more difficult to do.
>
> I fail to see why you don't understand the problem you would create.
> Essentially, you would be saying that any of your 99 users may su to root
> without knowing the root password.  Any one of them could now do whatever
> they want without having to put forth any effort at all.  The hacker could
> be one of your users.  If you are so concerned with the root password
> getting out on the Internet, then you would be much better off forbidding
> the use of the su command entirely, or at least blocking attempts to su to
> root.  No ordinary user should be using it anyhow.  While you are at it,
> prevent root logins via SSH.  You can't do administration anywhere except
> the console this way, but it's a lot better than opening up your machine
> to anybody who just happens to try to su to root.
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup