WARNING - Re: SUMMARY: telnet as root

From: Stuart Whitby <swhitby_at_legato.com>
Date: Thu Nov 01 2001 - 09:28:21 EST
As a matter of policy (hence my copy to the list) I would
advise against ever allowing this.  Reasons include:
- If someone attempts to hack your machine, they only have
  to break one password instead of two to gain root access.
- If a user logs in and breaks something, all that 
  (generally) needs to be done is to check who last su'd to 
  root and ask what they were doing.  
- It stops users routinely logging in as root, and the 
  occasional rm -r * that we all do without first checking
  which directory we're in (I'm sure the current working 
  directory is changed every 10th run of this) tends to be 
  much less disastrous.

Regards,

Stuart.

Fernando_Serto@bovespa.com.br wrote:
> 
> Thanks for all the answers...
> 
> I know it was a stupid question, but maybe someone has the same doubt... here is
> the answer:
> 
> "all you have to do is leave the CONSOLE line like this (in the
> /etc/default/login file):"
> # If CONSOLE is set, root can only login on that device.
> # Comment this line out to allow remote login by root.
> #
> #CONSOLE=/dev/console
> 
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Thu Nov 1 14:28:21 2001

This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:32:34 EDT