If he makes a "su -" he just change the user to "root" but you'll need
the password anyway.
Only user root can switch to "usual" user accounts without password
permission.
Kosala Atapattu schrieb:
On Tue, Jun 3, 2008 at 11:21 PM, David Edwards <DEdwards@xxxxxxxxxxx> wrote:
Ron,
I do agree that allowing root access in some cases does make sense.
Are we missing something. Tell me that I don't understand something
here. How can a user doing "su -" and jumping to root after login with
a regular user be different from login with direct root.
Where the first option provide extra barrier for a hacker and second
lets someone do the root dance easily.
Kosala
--
Mit freundlichen Gruessen / Kind Regards
Mario Spiegel
