On Tuesday 19 October 2004 08:32, seth vidal wrote: > If you can't flip to a console and take care of the problem there as > root, then you REALLY don't need to be logged into a graphical client > to do it. Maybe go to failsafe with just a xterm. Is that a security risk? Also, I know things like Bastille (stripped /etc/securetty) can restrict root from logging in even from the tty. This forces the user to login first and switch to the root user in their session. It's another layer of security that a cracker must go around. Of course, if a user used NOPASSWD in sudoers, there's only one layer: the user's password. take care, -- -jeff
