![]() The Root account password does not need to be shared with everybody who needs to perform some type of administrative task(s) on the system (see the previous bullet).sudo can be setup with a much more fine-grained security policy.Since the Root account password is locked, this attack becomes essentially meaningless, since there is no password to crack or guess in the first place.Īllows easy transfer for admin rights, in a short term or long term period, by adding and removing users from groups, while not compromising the Root account. What they don't know is what the usernames of your other users are. It is also nice for auditing.Įvery cracker trying to brute-force their way into your box will know it has an account named Root and will try that first. If you mess up, you can always go back and see what commands were run. Sudo adds a log entry of the command(s) run (in /var/log/auth.log). the tendency by users to login as an "Administrator" user in Microsoft Windows systems), you will be prompted for a password before major changes can happen, which should make you think about the consequences of what you are doing. It avoids the "I can do anything" interactive login by default (e.g. the root password), which they are likely to forget (or write down so anyone can crack into their account easily). ![]() Users don't have to remember an extra password (i.e.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |