Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

a simple question

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users a simple question
# 1  
Old 11-09-2003
a simple question
I have a problem, why should root access only be provided from a login on the console, and why should a user be forced to use "su" command to perform system maintenance, rather than logging in?
# 2  
Old 11-09-2003
you could login instead of using su. generally if i am at the console ill be logged in as a regular user and use my virtual terminals and login as root. if i am on my desktop its easier to have multiple ssh windows and using su for root privs.

why should only root perform system maintenance? well answer me this, do you want anyone other than YOU (if you are the admin) having so much control over your system? not to mention the power to take down your system or a mess of other things that you should NOT want to happen.
# 3  
Old 11-12-2003
It is really a matter of best practices and proven methods. It goes without saying that root is dangerous.

That being said, there are other reasons as well. All systems have trails that leave fingerprints when we login. Some are so-so, some meet C2 compliance and try to afford an unalterable audit trail that can be used as evidence in a court of law. If a login starts with a general account, it is harder to hold people accountable for their actions.

UNIX as a whole still has a lot of growing up to do. OS390 and the like will never die until proven compartmentalized methods exits where the "all powerful root" doesn't rule. Trusted Solaris is a good step in that direction, but not allowing root to login directly is at least a start.

Is the system that you are speaking of a corporate piece of equipment?

Cheers,

Keith
Last edited by kduffin; 11-17-2003 at 10:53 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Syslog.conf: looking for a simple answer on a simple question

Cheers! In /etc/syslog.conf, if an error type is not specified, is it logged anywhere (most preferable is it logged to /var/log/messages) or not? To be more precise I am interested in error and critical level messages. At default these errors are not specified in syslog.conf, and I need to... (6 Replies)
Discussion started by: dr1zzt3r
6 Replies

2. Shell Programming and Scripting

Simple if then else question

I am having trouble making this statement work. I am passing in a number value for the number of days to keep archive logs for and wanted to make sure that it is a number. I have a script that will return 1 for is a number and 0 for is not a number. I also want to make sure that the number is not... (2 Replies)
Discussion started by: gandolf989
2 Replies

3. UNIX for Dummies Questions & Answers

simple question

hi everybody; trying to c unix programming and ive stucked with a problem: simple program filedr=open("tempfile",O_RDWR|O_TRUNC,0); write(filedr,msg1,6); int i; i=read(filedr,msg3,4); it returns 0 bytes read ... why? well if i try to poll() before read , it doesnt indicate POLLHUP or... (4 Replies)
Discussion started by: IdleProc
4 Replies

4. UNIX for Dummies Questions & Answers

Simple question

I had a script in solaris wich i read data, for example: Number 1: _ and the cursor use to be in '_' place because in the code of the script i write: echo "Number 1:\c" but i copy the script to a linux and the cursor 'jump' to the begining of the next line like: Number 1:... (2 Replies)
Discussion started by: lestat_ecuador
2 Replies

5. Shell Programming and Scripting

Simple Question

Hi, Please don't berate me over the simplicity of these questions. I have recently gotten into bash shell scripting and enjoy it quite a bit. One thing I have not found the answer to though is when naming a shell script, what extension is normally used (ie myscript.?)? Also where is the standard... (5 Replies)
Discussion started by: msb65
5 Replies

6. Shell Programming and Scripting

Simple ls question

i am doing ls -la in the out put , first line is as total 41621 What is this total? (2 Replies)
Discussion started by: Saurabh78
2 Replies

7. UNIX for Dummies Questions & Answers

Simple Question

Hi Guys, I've been learning UNIX for the past couple of days and I came across this exercise, I can't get my head around it, so I would be ever so grateful if I could receive some sort of help or direction with this. Create a file with x amount of lines in it, the content of your choice. ... (3 Replies)
Discussion started by: aforball
3 Replies

8. Programming

Simple C question... Hopefully it's simple

Hello. I'm a complete newbie to C programming. I have a C program that wasn't written by me where I need to write some wrappers around it to automate and make it easier for a client to use. The problem is that the program accepts standard input to control the program... I'm hoping to find a simple... (6 Replies)
Discussion started by: Xeed
6 Replies

9. UNIX for Dummies Questions & Answers

Ok simple question for simple knowledge...

Ok what is BSD exactly? I know its a type of open source but what is it exactly? (1 Reply)
Discussion started by: Corrail
1 Replies

10. UNIX for Advanced & Expert Users

Simple Question

Friends, I did following exercise $ echo '' > test $ od -b test $ echo "">test $ od -b test $echo > test $od -b test Every time I got the following output 0000000 012 0000001 But 012 is octal value for new line character . Even though there is no apperent new line character... (6 Replies)
Discussion started by: j1yant
6 Replies
Login or Register to Ask a Question