Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 30 Dec 2001 14:56:31 -0600
From:      Rob Zietlow <zietlow@berbee.com>
To:        Jeffrey <jeffrey@azstarnet.com>, FreeBSD-questions@FreeBSD.ORG
Subject:   Re: Can I rename root?
Message-ID:  <200112302056.fBUKujU15646@berbee.com>
In-Reply-To: <200112302041.NAA21129@cepheus.azstarnet.com>
References:  <20011229154552.B855@localhost> <20011230103317.A474@localhost> <200112302041.NAA21129@cepheus.azstarnet.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 30 December 2001 02:41 pm, Jeffrey wrote:
> On Sunday 30 December 2001 02:33 am, Rogier Steehouder wrote:
> > > Do any programs rely on the name
> > > 'root' being available or is it prefectly safe to use vipw and rename
> > > it to 'master' or 'admin'.
> >
> > Besides the user and group databases the following files mention root:
> > /etc/aliases		I had already redirected root to my regular user:
> > 			no problem
> > /etc/crontab		Replaced 'root' with 'admin'
>
> Not that I am even brave enough to rename root (I trust the instincts of
> those with more experience than I).  I am not sure what you are gaining by
> doing this....
>
> I am assuming you are doing this to obtain some security by obscurity,
> right? If so why not choose something a bit less obvious than admin?  I
> would guess that someone breaking into your system upon not finding a root
> would see the admin account for what it is pretty quickly.....

no matter what, if they use an remote a root exploit, it will be useless to 
have an renamed admin account,  It will still be a 0 UID.  And IIRC su should 
still take them up to the equivilent root account, therefore it doesn't 
matter what it's named. (correct me if I'm wrong)


> Second, if one only gains access to your system via a standard user account
> what is keeping them from  looking for the 0 UID in /etc/passwd?  That will
> probably tip them off pretty quickly as to what account they should be
> targeting.
>
> I am still pretty new at all of this, I am just trying to figure out how
> the benefits outweigh potential risks/abnormalities.
>
> Jeffrey
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112302056.fBUKujU15646>