Re: Getting ready for CentOS 5.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Christopher Chan wrote:

> start/stop' though from Intrepid onwards I believe. There is no root 
> account by default.

There is a root account, you just can't access it w/o setting it's password.

And as soon as you do set it's password, I highly recommend you then 
completely disable and lock down the very insecure sudo defaults.

The way OS X / ubuntu / etc configure sudo is something I highly 
disagree with. By default, all a cracker needs is to get a local 
uname/password for an admin user and he can then spawn a root shell.

With sudo disabled, the cracker must also have a local exploit that gets 
past SELinux. Assuming Ubuntu supports SELinux (does it?)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux