It appears as if I have fallen behind the times in terms of Linux security. I apologize for not keeping up. =) I'd like to take a moment to ask a few questions so that I can better understand the reasoning behind certain changes being a bad idea, and thus become more knowledgeable. 2: /etc/ssh/sshd_config change In regards to changing PermitRootLogin to no, we'd obviously need a regular user account to login to, then su to root. Thus, even one who has the root account and password would need a regular user name and password before the root account would do him any good. However, perhaps there is a downside to this as well? Or perhaps we don't change any defaults from upstream OpenSSH unless absolutely necessary? I'm sure there are those who want to login as root, and those who don't. Just curious about the reasoning... In regards to the GCC lockdowns, it was my understanding that sometimes hackers use our own compilers against us by logging in as a normal user, using gcc to build their hacktools, and then using the built tools to compromise root. Is this something that is no longer done? Just curious. Thanks in advance! Riley -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
