Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: a simple question
Top Forums UNIX for Advanced & Expert Users a simple question Post 43127 by kduffin on Wednesday 12th of November 2003 01:10:17 AM
Old 11-12-2003
It is really a matter of best practices and proven methods. It goes without saying that root is dangerous.

That being said, there are other reasons as well. All systems have trails that leave fingerprints when we login. Some are so-so, some meet C2 compliance and try to afford an unalterable audit trail that can be used as evidence in a court of law. If a login starts with a general account, it is harder to hold people accountable for their actions.

UNIX as a whole still has a lot of growing up to do. OS390 and the like will never die until proven compartmentalized methods exits where the "all powerful root" doesn't rule. Trusted Solaris is a good step in that direction, but not allowing root to login directly is at least a start.

Is the system that you are speaking of a corporate piece of equipment?

Cheers,

Keith
Last edited by kduffin; 11-17-2003 at 10:53 PM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Simple Question

Friends, I did following exercise $ echo '' > test $ od -b test $ echo "">test $ od -b test $echo > test $od -b test Every time I got the following output 0000000 012 0000001 But 012 is octal value for new line character . Even though there is no apperent new line character... (6 Replies)
Discussion started by: j1yant
6 Replies

2. UNIX for Dummies Questions & Answers

Ok simple question for simple knowledge...

Ok what is BSD exactly? I know its a type of open source but what is it exactly? (1 Reply)
Discussion started by: Corrail
1 Replies

3. Programming

Simple C question... Hopefully it's simple

Hello. I'm a complete newbie to C programming. I have a C program that wasn't written by me where I need to write some wrappers around it to automate and make it easier for a client to use. The problem is that the program accepts standard input to control the program... I'm hoping to find a simple... (6 Replies)
Discussion started by: Xeed
6 Replies

4. UNIX for Dummies Questions & Answers

Simple Question

Hi Guys, I've been learning UNIX for the past couple of days and I came across this exercise, I can't get my head around it, so I would be ever so grateful if I could receive some sort of help or direction with this. Create a file with x amount of lines in it, the content of your choice. ... (3 Replies)
Discussion started by: aforball
3 Replies

5. Shell Programming and Scripting

Simple ls question

i am doing ls -la in the out put , first line is as total 41621 What is this total? (2 Replies)
Discussion started by: Saurabh78
2 Replies

6. Shell Programming and Scripting

Simple Question

Hi, Please don't berate me over the simplicity of these questions. I have recently gotten into bash shell scripting and enjoy it quite a bit. One thing I have not found the answer to though is when naming a shell script, what extension is normally used (ie myscript.?)? Also where is the standard... (5 Replies)
Discussion started by: msb65
5 Replies

7. UNIX for Dummies Questions & Answers

Simple question

I had a script in solaris wich i read data, for example: Number 1: _ and the cursor use to be in '_' place because in the code of the script i write: echo "Number 1:\c" but i copy the script to a linux and the cursor 'jump' to the begining of the next line like: Number 1:... (2 Replies)
Discussion started by: lestat_ecuador
2 Replies

8. UNIX for Dummies Questions & Answers

simple question

hi everybody; trying to c unix programming and ive stucked with a problem: simple program filedr=open("tempfile",O_RDWR|O_TRUNC,0); write(filedr,msg1,6); int i; i=read(filedr,msg3,4); it returns 0 bytes read ... why? well if i try to poll() before read , it doesnt indicate POLLHUP or... (4 Replies)
Discussion started by: IdleProc
4 Replies

9. Shell Programming and Scripting

Simple if then else question

I am having trouble making this statement work. I am passing in a number value for the number of days to keep archive logs for and wanted to make sure that it is a number. I have a script that will return 1 for is a number and 0 for is not a number. I also want to make sure that the number is not... (2 Replies)
Discussion started by: gandolf989
2 Replies

10. Red Hat

Syslog.conf: looking for a simple answer on a simple question

Cheers! In /etc/syslog.conf, if an error type is not specified, is it logged anywhere (most preferable is it logged to /var/log/messages) or not? To be more precise I am interested in error and critical level messages. At default these errors are not specified in syslog.conf, and I need to... (6 Replies)
Discussion started by: dr1zzt3r
6 Replies

LEARN ABOUT PLAN9

chsh

CHSH(1)                                                            User Commands                                                           CHSH(1)

NAME

       chsh - change login shell

SYNOPSIS

       chsh [options] [LOGIN]

DESCRIPTION

       The chsh command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change
       the login shell for her own account; the superuser may change the login shell for any account.

OPTIONS

       The options which apply to the chsh command are:

       -h, --help
           Display help message and exit.

       -R, --root CHROOT_DIR
           Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

       -s, --shell SHELL
           The name of the user's new login shell. Setting this field to blank causes the system to select the default login shell.

       If the -s option is not selected, chsh operates in an interactive fashion, prompting the user with the current login shell. Enter the new
       value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of [ ] marks.

NOTE

       The only restriction placed on the login shell is that the command name must be listed in /etc/shells, unless the invoker is the superuser,
       and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing /bin/rsh
       in /etc/shells is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell
       back to its original value.

FILES

       /etc/passwd
           User account information.

       /etc/shells
           List of valid login shells.

       /etc/login.defs
           Shadow password suite configuration.

SEE ALSO

       chfn(1), login.defs(5), passwd(5).

shadow-utils 4.5                                                    01/25/2018                                                             CHSH(1)
All times are GMT -4. The time now is 08:33 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy