Date: Thu, 11 Feb 2010 14:32:02 -0500 From: Bob Johnson <fbsdlists@gmail.com> To: Jerry McAllister <jerrymc@msu.edu> Cc: Lin Taosheng <taosheng.lin@gmail.com>, freebsd-questions@freebsd.org Subject: Re: HELP! Is that possible "creating a user named root but acturally not the administrator root" Message-ID: <54db43991002111132s11569d8aj9b390d72c1725240@mail.gmail.com> In-Reply-To: <20100211190840.GB73100@gizmo.acns.msu.edu> References: <5ffa459b1002102005i6b03c6fcqc1d4a11f590164d4@mail.gmail.com> <19315.37670.468383.119569@jerusalem.litteratus.org> <54db43991002111058r1d8d1244mff110ec0b6f69046@mail.gmail.com> <20100211190840.GB73100@gizmo.acns.msu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/11/10, Jerry McAllister <jerrymc@msu.edu> wrote: > On Thu, Feb 11, 2010 at 01:58:07PM -0500, Bob Johnson wrote: > >> On 2/11/10, Robert Huff <roberthuff@rcn.com> wrote: >> > >> > Lin Taosheng writes: >> > >> >> Is that possible to implementated? >> > >> >> Yes, use vipw to edit the password file. Add another username that is >> UID zero. The name "toor" is actually already there as an example of >> how to do that, but it is disabled because it has a "*" in the >> password field. After the new username is tested and you know it >> works, use vipw to replace the password field for "root" to an "*". >> Then root will still exist, but it will not be possible to log in to >> it. You could also delete the entire line for "root", but that gets >> farther into unusual territory and increases the chance that you will >> break something else by doing so. > > If I take what the OP said literally, you are answering backwards. > The OP asked if it is possible to name a different account root - eg > one that is not UID 0. You are answering that it is possible to > give an account other than root a UID 0. > > Now, the OP may have meant to ask what you are answering and just > got it mixed up. But, that was not the way the question went. Oops. Rats. When I started my reply I had it right, but by the time I finished I had confused myself. Thanks. Anyway, it's possible, but in practice it probably won't work right, and doesn't do much for security anyway. - Bob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54db43991002111132s11569d8aj9b390d72c1725240>