|
On 04/03/2014 10:32 AM, quickbooks
office wrote:
This is done in the name of accountability, by forcing an administrative login through an account attributable to a specific person. This, however, only makes sense if there _actually_are_ such individual accounts on the system."3.1.4.2.2. Disabling Root Logins To further limit access to the root account, administrators can disable root logins at the console by editing the /etc/securetty file. Would this proposal be acceptable if it wasn't implemented if 'root' is the only account? I personally don't think even such amended proposal is a reasonable default configuration, because systems authenticating against a domain, and having only one local (root) account, could lock the admin out if something happens to the network or to the domain server. |
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
