|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] Problem with second user with uid 0?
From: Jon Clausen (jon
stevnsgade.dk)
Date: Sat Mar 12 2005 - 01:56:11 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 11 Mar, 2005 at 23:52:39 +0100, Frank Steiner wrote:
<snip>
> Anyway, in which way would this be more secure than giving the user the
> password? Booting from a CD to perform the fsck, he can enter a new
> encrypted string to /etc/shadow and has the root password after rebooting.
<snip>
So why don't you simply do that?
Right before you leave, you edit /etc/shadow and
- move 'your' encrypted string off of the system
- enter a different string
And when you return;
Move 'your' string back into /etc/shadow.
HTH
/Jon
--
YMMV
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]