|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Victor R. Cardona (vcardon_at_siue.edu)
Date: Wed Jan 15 2003 - 14:52:57 CST
On Wed, Jan 15, 2003 at 08:47:50PM +0000, keith.anthony.roberts
bigfoot.com wrote:
> Surely it would be more difficult for any attacker to break into Linux
> if they did not know the username for the root account?
>
> I just wondered if it was possible to make root logins MUCH more secure
> with the following suggestions.
>
>
> When a NEW installation of Linux is done, allow the root user to select
> their -*OWN*- unique username for the root account in YaST, instead of the
> default 'root' username.
>
> Disallow the use of username 'root' for ALL root superuser logins.
>
> When a superuser logs-in they provide their unique username that they choose
> when installing Linux eg. under YaST.
>
> Each login program would need to be modified to reject the username of 'root'.
Login programs should only use the username to lookup a uid. If that
uid is 0 then the user is the super user. The name "root" is not
important at all.
Victor
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE+Jcop758g6wZaI14RAspZAJ9+44QElZYY8l4SopOGWuubV2/8OQCbBIyg
0PjtBVtovfhvK4ZB7Al/55Y=
=5MdU
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]