From owner-freebsd-questions@FreeBSD.ORG Thu Feb 11 19:32:04 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 13635106566B for ; Thu, 11 Feb 2010 19:32:04 +0000 (UTC) (envelope-from fbsdlists@gmail.com) Received: from mail-gx0-f218.google.com (mail-gx0-f218.google.com [209.85.217.218]) by mx1.freebsd.org (Postfix) with ESMTP id B2B158FC21 for ; Thu, 11 Feb 2010 19:32:03 +0000 (UTC) Received: by gxk10 with SMTP id 10so1528382gxk.3 for ; Thu, 11 Feb 2010 11:32:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=d8FhPvXzQnxsw55HZuSt3Xxa4PKmxC9GcHn3qFGCHSY=; b=AIygfJueh1fZsaofi2JtuETHP1uBHdNXrKffbTnz4cWYMNqTrpgPS4CbRUnApQXdIr XYELz49RmLxkeOkVTd/61e7U/iOXdlD0ZqLPx+rQN7t8XR83gCH+x6hgp6LUH4hJ2e/F sgHJGAIMJTHoDvkldtgZE4MeubxbslfpD4BnE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=dKqq0S/MFMIG5af6xmvWezhT2g3G/pbM8C5W72SQ7Yf4tZCZRUlPBevGEh4uz/7G2Z z+9k1uED2Uu+FKG1e8X+FrEFYHlIjtS+tOwxJFNnwumwZKeTyeVsxxboIv0VJwViU3/a mGvkVgaNPteCS2ESWEd02tXFWkTdI0hSHG/VY= MIME-Version: 1.0 Received: by 10.143.153.11 with SMTP id f11mr203096wfo.155.1265916722098; Thu, 11 Feb 2010 11:32:02 -0800 (PST) In-Reply-To: <20100211190840.GB73100@gizmo.acns.msu.edu> References: <5ffa459b1002102005i6b03c6fcqc1d4a11f590164d4@mail.gmail.com> <19315.37670.468383.119569@jerusalem.litteratus.org> <54db43991002111058r1d8d1244mff110ec0b6f69046@mail.gmail.com> <20100211190840.GB73100@gizmo.acns.msu.edu> Date: Thu, 11 Feb 2010 14:32:02 -0500 Message-ID: <54db43991002111132s11569d8aj9b390d72c1725240@mail.gmail.com> From: Bob Johnson To: Jerry McAllister Content-Type: text/plain; charset=ISO-8859-1 Cc: Lin Taosheng , freebsd-questions@freebsd.org Subject: Re: HELP! Is that possible "creating a user named root but acturally not the administrator root" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Feb 2010 19:32:04 -0000 On 2/11/10, Jerry McAllister wrote: > On Thu, Feb 11, 2010 at 01:58:07PM -0500, Bob Johnson wrote: > >> On 2/11/10, Robert Huff wrote: >> > >> > Lin Taosheng writes: >> > >> >> Is that possible to implementated? >> > >> >> Yes, use vipw to edit the password file. Add another username that is >> UID zero. The name "toor" is actually already there as an example of >> how to do that, but it is disabled because it has a "*" in the >> password field. After the new username is tested and you know it >> works, use vipw to replace the password field for "root" to an "*". >> Then root will still exist, but it will not be possible to log in to >> it. You could also delete the entire line for "root", but that gets >> farther into unusual territory and increases the chance that you will >> break something else by doing so. > > If I take what the OP said literally, you are answering backwards. > The OP asked if it is possible to name a different account root - eg > one that is not UID 0. You are answering that it is possible to > give an account other than root a UID 0. > > Now, the OP may have meant to ask what you are answering and just > got it mixed up. But, that was not the way the question went. Oops. Rats. When I started my reply I had it right, but by the time I finished I had confused myself. Thanks. Anyway, it's possible, but in practice it probably won't work right, and doesn't do much for security anyway. - Bob