Multiple Root ID's considered evil?

T. William Wells bill at twwells.com
Wed Sep 13 18:26:07 AEST 1989


In article <1723 at convex.UUCP> tchrist at convex.com (Tom Christiansen) writes:
: Some sites are known to have multiple uid 0 accounts so not
: everyone needs to know the root password.  I seem to recall
: that this is considered a poor idea for security reasons.
: Could someone please explain why?

If done for the reason you suggest, that is an _awful_ idea! Root is
root. Anyone who gets uid 0 is god. On the other hand, we have three
root logins: one that uses / as the home directory and does not do
any interesting stuff in its .profile and two for the root "user"
(one using the Bourne shell and one using the C shell) which gets a
normal user environment; we treat these accounts as the same account
and give them the same password. The first account is there so that
we have a root login that won't break just because some weirdness is
going on in the network. The others are used for normal root activity
(but we have C shell fanatics and Bourne shell fanatics and never the
twain shall meet. :-)

---
Bill                    { uunet | novavax | ankh | sunvice } !twwells!bill
bill at twwells.com
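
An added example, not part of the original post: a small audit that lists every passwd(5) entry carrying uid 0, so an administrator can see exactly which names are "root" on a machine and whether any of them has an empty password field. The sample passwd text and the account names in it are constructed for illustration.

```python
# Added example: list every passwd(5) entry that carries uid 0.
# SAMPLE is constructed; the account names in it are hypothetical.
SAMPLE = """\
root:x:0:0:Super-User:/:/bin/sh
rootsh:x:0:0:root, Bourne shell:/usr/root:/bin/sh
rootcsh:x:00:0:root, C shell:/usr/root:/bin/csh
opsroot::0:0:shared admin:/home/ops:/bin/sh
bill:x:101:10:Bill:/home/bill:/bin/csh
truncated:x:0
"""


def uid0_accounts(passwd_text):
    """Return (accounts, warnings); accounts holds one dict per uid 0 entry."""
    accounts, warnings = [], []
    for lineno, line in enumerate(passwd_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            warnings.append(f"line {lineno}: expected 7 fields, got {len(fields)}")
            continue
        name, passwd, uid, _gid, _gecos, home, shell = fields
        try:
            numeric_uid = int(uid)  # "00" is still uid 0
        except ValueError:
            warnings.append(f"line {lineno}: non-numeric uid {uid!r}")
            continue
        if numeric_uid == 0:
            accounts.append({"name": name, "home": home, "shell": shell,
                             "empty_password": passwd == ""})
    return accounts, warnings


def findings(accounts):
    """Turn the uid 0 list into review items for an administrator."""
    items = []
    extra = [a["name"] for a in accounts if a["name"] != "root"]
    if extra:
        items.append("uid 0 under additional names: " + ", ".join(extra))
    for a in accounts:
        if a["empty_password"]:
            items.append(f"{a['name']}: uid 0 with an empty password field")
    return items


if __name__ == "__main__":
    accts, warns = uid0_accounts(SAMPLE)
    for line in findings(accts) + warns:
        print(line)
```

Malformed lines are reported rather than silently skipped, since a damaged entry is itself worth an administrator's attention.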



More information about the Comp.unix.wizards mailing list