[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 25 Nov 2013, at 16:22, stinga <stinga+dcglug@xxxxxxxxxxxxx> wrote: > > Not possible, but I have tied it down to the hosts that need it. > I don't like not having root access. Yes I know you can su, but have you ever been > in the situation where you can't login to su? I have... can't remember what the > issue was now, luckily someone was in the server room that could logon. I've seen a lot of scenarios where root can login and not ordinary users. Folks are probably assuming you can get console access to login as root. e.g. root is allowed to login when physically close to the server (or virtual server). This is fairly typical get out of jail route for such a situation (e.g. /home mount stuffed). I do both at different times. The main reason for su/sudo type restrictions it to know who is logging in. Some folks imbue root with some mysterious essence, but it all comes down to policy. If you are the only one with the root password, then the main disadvantage of allowing root login is that hackers know an account name. I don't regard account names as secret, anyone reading the archive will have seen cut and paste with my usual username for Derek, although I sometimes take the trouble to clean it out. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq