About root or administrative account

[Kristian Rink]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi there;

[David B Teague <davidbteague at verizon.net> @ Fri, 23 Mar 2007 07:20:35
- -0400]

> This is easy, Ubuntu, Kubuntu, Edubuntu, Xubuntu are bad distros,
> they killed security by disabling root account. Any distro with no
> system admin account is bad.

This is a point begging for heavy discussions. Arguing the other way
'round, having an omnipotent "root" account around could be considered
a "flaw" of Unix systems, given that if you want to compromise system
security, you already do know a valid login name ("root") and "only"
need to figure out the password for that. This sort of attacks are
effectively prevented by disallowing root logins and forcing login as
an unprivileged user and gaining "root" rights using SU instead.

However the TechRepublic comment, in this way, is (no offense) rather
pointless as (a) Ubuntu actually _has_ a system admin account (there is
root, only thing is that root _login_ is disallowed, which is same on
most of my Unix/Linux servers no matter whether Ubuntu or not), and (b)
the guy who made that comment doesn't actually point out _why_ a
"missing system admin account" should be considered a bad thing.


Actually, I also know a point of view considering the Unix model of
having an "omnipotent" system administrator bad in itself, compared to,
say, Windows-NT'ish systems where distributing administrative
permissions across several user accounts seems way easier. A matter of
taste and administration, perhaps... :)


Cheers,
Kristian

- -- 
Kristian Rink * http://zimmer428.net * http://flickr.com/photos/z428/
jab: kawazu at jabber.ccc.de * icq: 48874445 * fon: ++49 176 2447 2771
"One dreaming alone, it will be only a dream; many dreaming together
is the beginning of a new reality." (Hundertwasser)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGA7sCcxBAPOA1m6wRAnr0AKCa7FaHBfW+PH5WJ5nlhDS2VI31EQCfR2sf
bGukkKVuR8XRxNvhCed/Fzo=
=6lor
-----END PGP SIGNATURE-----