From owner-freebsd-security@FreeBSD.ORG Thu Mar 3 08:03:35 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C714216A4CE for ; Thu, 3 Mar 2005 08:03:35 +0000 (GMT) Received: from brainbox.winbot.co.uk (cpc2-mapp3-6-0-cust221.nott.cable.ntl.com [81.101.250.221]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3880043D2F for ; Thu, 3 Mar 2005 08:03:35 +0000 (GMT) (envelope-from brain@winbot.co.uk) Received: from synapse.brainbox.winbot.co.uk ([10.0.0.2] helo=[192.168.1.10]) by brainbox.winbot.co.uk with esmtp (Exim 4.24; FreeBSD) id 1D6nJz-0002Bc-8a for freebsd-security@freebsd.org; Thu, 03 Mar 2005 10:12:43 +0000 Message-ID: <4226C4DF.3050806@winbot.co.uk> Date: Thu, 03 Mar 2005 08:03:43 +0000 From: Craig Edwards Organization: Crypt Software User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org X-Enigmail-Version: 0.90.1.1 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Renaming root account X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: brain@winbot.co.uk List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Mar 2005 08:03:35 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, One quick question: Is it safe and/or sensible to rename the root account, so that the only uid 0 user on a system is something different to root? I can see how this would be effective against external attackers who have no knowledge of the internals of the system as they would spend pointless hours trying to crack a user which doesnt exist, however to internal users they could always just cat /etc/passwd and see that root has been renamed. So firstly, is this possible, and security wise is it of any real use? Can anyone think of any apps it would break that assume that the uid 0 user is called root and don't just address the user by its uid? Thanks, Craig Edwards - -- WinBot IRC client developer: http://www.winbot.co.uk ChatSpike - The users network: http://www.chatspike.net InspIRCd - Modular IRC server: http://www.inspircd.org Online RPG Developer: http://www.ssod.org - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iD8DBQFCJsTf0k42Wxli/BARAp2DAJ9dp1eu2IL41pfp/4ZFp9kS2KuMdgCeI20k w1Jt+uriEmWM+wmhEFxH+vw= =vGhO -----END PGP SIGNATURE-----