Security Basics mailing list archives
Re: Multiple login accounts with root privileges
From: Jason <securitux () gmail com>
Date: Mon, 7 Apr 2008 13:51:32 -0400
Definitely need to be restricted. In addition to what others have said, if tight control is desired, most administrative functions can be covered by granting permissions to run certain commands as root by using sudo. You can be quite granular with sudo, and it allows you to keep an audit trail of who issued what commands. I am not sure why you'd have 'Administrator' on the UNIX box, unless there's some type of pass through authentication that an administrator on a Windows box is using to access a samba share on that client or vice versa. May also be a Windows administrator that wanted that generic Windows account name to be used on the UNIX box as well to make life easier for someone or for a scripted or batch job. -J On Mon, Apr 7, 2008 at 12:51 AM, ganesh mahadevan <ganesh.was.mahadevan () gmail com> wrote:
Hi, I was testing a thin client box and found that I could login as Root, Administrator and Admin (all with the same password). whoami indicated 'root' in all three cases. Is this some sort of aliasing going on? I may not be entirely correct on this but shouldn't the number of users with root privileges be restricted? What is your advice on this issue? Thanks in advance. Ganesh
Current thread:
- Multiple login accounts with root privileges ganesh mahadevan (Apr 07)
- Re: Multiple login accounts with root privileges Ansgar -59cobalt- Wiechers (Apr 07)
- Re: Multiple login accounts with root privileges Gleb Paharenko (Apr 07)
- Re: Multiple login accounts with root privileges Jason (Apr 07)
- Re: Multiple login accounts with root privileges li bo (Apr 08)
- Message not available
- Re: Multiple login accounts with root privileges Jason (Apr 08)
- Re: Multiple login accounts with root privileges ganesh mahadevan (Apr 08)