Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| UNIX for Advanced & Expert Users Expert-to-Expert. Learn advanced UNIX, UNIX commands, Linux, Operating Systems, System Administration, Programming, Shell, Shell Scripts, Solaris, Linux, HP-UX, AIX, OS X, BSD. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Simple Question | aforball | UNIX for Dummies Questions & Answers | 3 | 03-04-2008 04:26 PM |
| sed - simple question | scotty_123 | Shell Programming and Scripting | 13 | 03-29-2007 02:23 AM |
| Simple C question... Hopefully it's simple | Xeed | High Level Programming | 6 | 12-15-2006 02:29 PM |
| Ok simple question for simple knowledge... | Corrail | UNIX for Dummies Questions & Answers | 1 | 11-28-2005 01:03 PM |
| Simple ksh question | frustrated1 | Shell Programming and Scripting | 1 | 11-05-2003 12:41 PM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
11-09-2003
|
||||
|
||||
|
a simple question
I have a problem, why should root access only be provided from a login on the console, and why should a user be forced to use "su" command to perform system maintenance, rather than logging in?
|
|
11-09-2003
|
||||
|
||||
|
you could login instead of using su. generally if i am at the console ill be logged in as a regular user and use my virtual terminals and login as root. if i am on my desktop its easier to have multiple ssh windows and using su for root privs.
why should only root perform system maintenance? well answer me this, do you want anyone other than YOU (if you are the admin) having so much control over your system? not to mention the power to take down your system or a mess of other things that you should NOT want to happen. |
|
11-12-2003
|
|||||
|
|||||
|
It is really a matter of best practices and proven methods. It goes without saying that root is dangerous.
That being said, there are other reasons as well. All systems have trails that leave fingerprints when we login. Some are so-so, some meet C2 compliance and try to afford an unalterable audit trail that can be used as evidence in a court of law. If a login starts with a general account, it is harder to hold people accountable for their actions. UNIX as a whole still has a lot of growing up to do. OS390 and the like will never die until proven compartmentalized methods exits where the "all powerful root" doesn't rule. Trusted Solaris is a good step in that direction, but not allowing root to login directly is at least a start. Is the system that you are speaking of a corporate piece of equipment? Cheers, Keith Last edited by kduffin; 11-17-2003 at 10:53 PM.. |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
