From owner-freebsd-questions Mon Dec 31 6:47:45 2001 Delivered-To: freebsd-questions@freebsd.org Received: from kabel203069.kabel.utwente.nl (kabel203069.kabel.utwente.nl [130.89.203.69]) by hub.freebsd.org (Postfix) with ESMTP id C98F837B422 for ; Mon, 31 Dec 2001 06:47:35 -0800 (PST) Received: by kabel203069.kabel.utwente.nl (Postfix, from userid 1000) id 04F331F91; Mon, 31 Dec 2001 15:47:33 +0100 (CET) Date: Mon, 31 Dec 2001 15:47:33 +0100 From: Rogier Steehouder To: FreeBSD-questions@freebsd.org Subject: Re: Can I rename root? Message-ID: <20011231154733.A832@localhost> Mail-Followup-To: Rogier Steehouder , FreeBSD-questions@freebsd.org References: <20011229154552.B855@localhost> <20011230103317.A474@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011230103317.A474@localhost>; from r.j.s@gmx.net on Sun, Dec 30, 2001 at 10:33:17AM +0100 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 30-12-2001 10:33 (+0100), Rogier Steehouder wrote: > On 29-12-2001 15:45 (+0100), Rogier Steehouder wrote: > > A simple question: Can I rename root? > > I only got the advise: Don't. iThanks for the advise, but since noone > knew any programs explicitly, I did it anyway. A short review of some of the comments I got (and my answers): - Some people suppose I do this as some sort of security measure: Security by obscurity. (And isn't admin a bit predicatable then?) Well, obscurity helps of course, but it is no substitute for bad maintenance. I know that and the main reason I wanted it changed was easthetics. I like the new name better, so why wouldn't I be able to change it. (And no, it's not 'admin'. That IS a bit predictable.) And Cliff, all that information you could find out about my system (and more) has probably been mentioned earlier in the mailing list. If I want usable tips, I have to give up some info, don't I? But I am curious how you would determine my FreeBSD version in just a few seconds. Besides, half the info you mention I can extract from your mail headers as well if you haven't faked them. - If you could gain access to a normal user, you could just look at /etc/passwd for the new name. Yes, so let's try and not let unauthorized people gain user-access. As I just said, security is not the main issue in this name change. - Installation scripts and upgrading may be affected. Right, that IS an issue. Next time I upgrade (I believe 4.5 is about to come out) I will see what happens. But since chown and install accept numeric ID's as well as names, why not use them in the scripts? That way anyone can name root anything they want. I do not expect the ports collection and system sources to change, but why not take it into account on the next upgrade. What was it Shakespear said about a rose's name? A known convention is that user ID 0 is all powerful. If the name matters, then say so. I think it would be a good idea to have a list of required user and group names and numbers for a system or for a port (like postfix expects a postfix user and a maildrop group). If such a list exists and is published I will accept it and stick to it. If not I reserve the right to rename any of them (and accept the problems arising from it :-) With kind regards, Rogier Steehouder -- ___ _ -O_\ // | / Rogier Steehouder //\ / \ r.j.s@gmx.net // \ <---------------------- 25m ----------------------> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message