Date: Thu, 11 Feb 2010 08:04:00 +0000 From: Matthew Seaman <m.seaman@black-earth.co.uk> To: Giorgos Keramidas <keramida@ceid.upatras.gr> Cc: Lin Taosheng <taosheng.lin@gmail.com>, Robert Huff <roberthuff@rcn.com>, freebsd-questions@freebsd.org Subject: Re: HELP! Is that possible "creating a user named root but acturally not the administrator root" Message-ID: <4B73B9F0.1020105@black-earth.co.uk> In-Reply-To: <874olocpmc.fsf@kobe.laptop> References: <5ffa459b1002102005i6b03c6fcqc1d4a11f590164d4@mail.gmail.com> <19315.37670.468383.119569@jerusalem.litteratus.org> <874olocpmc.fsf@kobe.laptop>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig09BBB50931970D06FBDF0E1A
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 11/02/2010 05:23, Giorgos Keramidas wrote:
> On Thu, 11 Feb 2010 00:18:30 -0500, Robert Huff <roberthuff@rcn.com> wr=
ote:
>> Lin Taosheng writes:
>>> Is that possible to implementated?
>>
>> For most purposes, what's important is not the account name,
>> but the User II. "Root" is special because it has UID 0. You can,
>> create other accounts with UIS 0 ... but it's usually a Very Bad
>> Idea.
>>
>> As far as I know, there's no reason you can't rename the "root"
>> account and have a non UID 0 account with that name. On the other
>> hand, if you're asking this question there may be a better way to
>> accomplish your objective: would you care to share?
>=20
> The kernel doesn't really care what your user *name* is. See for
> example the 'toor user in '/etc/master.passwd'.
On the other hand, lots of software expects the superuser account to be
called 'root' because that what it always has been ever since Thompson
and Ritchie et al. first created Unix. Changing the name of the
superuser account, and making root into an unprivileged user will cause
you much wailing and gnashing of teeth. It doesn't really buy you much
in terms of improved security in any case. Far better to concentrate
on making it impossible for the existing root account to be compromised.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard, Flat 3
Black Earth Consulting Ramsgate
Kent, CT11 9PW
Free and Open Source Solutions Tel: +44 (0)1843 580647
--------------enig09BBB50931970D06FBDF0E1A
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAktzufkACgkQ8Mjk52CukIxBtACcCacRuPGEhSXwhsvTJJuTDDjI
hbcAnRS+YXF/7PC/N0GNwaIkrOS+f50G
=ko56
-----END PGP SIGNATURE-----
--------------enig09BBB50931970D06FBDF0E1A--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B73B9F0.1020105>