Date: Mon, 16 Oct 2000 22:56:37 -0500 From: David Kelly <dkelly@hiwaay.net> To: Kris Kirby <kris@catonic.net> Cc: freebsd-chat@FreeBSD.ORG Subject: Re: Traditional UN*X conventions (Or: Why not to login as root?) Message-ID: <200010170356.e9H3ubS17510@grumpy.dyndns.org> In-Reply-To: Message from Kris Kirby <kris@catonic.net> of "Sun, 15 Oct 2000 07:46:19 -0000." <Pine.BSF.4.21.0010150739480.59649-100000@spaz.huntsvilleal.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kirby writes: > > Lately I find myself pondering why or why not one is supposed to leave the > root account alone altogether, instead su(do)ing as necessary to > perform various tasks. Is there a series of texts out there that states > this and other traditional measures taken (perhaps with a historical or > logically documented process in regards to tracking break-ins)? Rarely does a critical Unix system have a single sysop with the root password. If all behave and use their own account first then su into root as needed then 1) they can carry their own personal environment with them, and 2) there is some traceability as to who did it. -- David Kelly N4HHE, dkelly@hiwaay.net ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010170356.e9H3ubS17510>