From owner-freebsd-questions Sun Dec 30 12:57: 8 2001 Delivered-To: freebsd-questions@freebsd.org Received: from berbee.com (berbee.com [205.173.176.16]) by hub.freebsd.org (Postfix) with ESMTP id 965BC37B417 for ; Sun, 30 Dec 2001 12:57:03 -0800 (PST) Received: from there (xeryjg@66-188-96-56.mad.wi.charter.com [66.188.96.56]) by berbee.com (8.11.2/8.11.2) with SMTP id fBUKujU15646; Sun, 30 Dec 2001 14:56:45 -0600 Message-Id: <200112302056.fBUKujU15646@berbee.com> Content-Type: text/plain; charset="iso-8859-1" From: Rob Zietlow To: Jeffrey , FreeBSD-questions@FreeBSD.ORG Subject: Re: Can I rename root? Date: Sun, 30 Dec 2001 14:56:31 -0600 X-Mailer: KMail [version 1.3.2] References: <20011229154552.B855@localhost> <20011230103317.A474@localhost> <200112302041.NAA21129@cepheus.azstarnet.com> In-Reply-To: <200112302041.NAA21129@cepheus.azstarnet.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sunday 30 December 2001 02:41 pm, Jeffrey wrote: > On Sunday 30 December 2001 02:33 am, Rogier Steehouder wrote: > > > Do any programs rely on the name > > > 'root' being available or is it prefectly safe to use vipw and rename > > > it to 'master' or 'admin'. > > > > Besides the user and group databases the following files mention root: > > /etc/aliases I had already redirected root to my regular user: > > no problem > > /etc/crontab Replaced 'root' with 'admin' > > Not that I am even brave enough to rename root (I trust the instincts of > those with more experience than I). I am not sure what you are gaining by > doing this.... > > I am assuming you are doing this to obtain some security by obscurity, > right? If so why not choose something a bit less obvious than admin? I > would guess that someone breaking into your system upon not finding a root > would see the admin account for what it is pretty quickly..... no matter what, if they use an remote a root exploit, it will be useless to have an renamed admin account, It will still be a 0 UID. And IIRC su should still take them up to the equivilent root account, therefore it doesn't matter what it's named. (correct me if I'm wrong) > Second, if one only gains access to your system via a standard user account > what is keeping them from looking for the 0 UID in /etc/passwd? That will > probably tip them off pretty quickly as to what account they should be > targeting. > > I am still pretty new at all of this, I am just trying to figure out how > the benefits outweigh potential risks/abnormalities. > > Jeffrey > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message