|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
Valdis.Kletnieks
vt.edu
Date: Fri Feb 02 2007 - 00:38:20 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 02 Feb 2007 13:25:11 +0800, Eduardo Tongson said:
> On 2/2/07, Xavier Beaudouin <kiwioav.net> wrote:
> <>
> >
> > Allowing direct root login even with SSH is IMHO stupid...
> >
>
> Please elaborate why is it IYHO stupid.
In environments where more than 1 person has root access, allowing direct
login to root means you can't keep an audit trail of which person logged in.
And if your environment only one person has root access, that's just looking
for a DoS if the one person is hit by a bus.....
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFFwtxccC3lWbTT17ARAutJAKDDqphAjhRt/Owl0Uv8Fe5fodasbwCfZ/5l
mFim0nhyJH25z0wMhYlrtQ0=
=BuYS
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]