D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Security Thoughts


On 30 Mar 2017 9:00 a.m., "Paul Sutton via list" <list@xxxxxxxxxxxxx> wrote:

I don't think ubuntu based distributions use the root / user system,
the first user you create is set to administrator, so basically added to
the sudo(ers) list so you can use sudo.

You can add additional users and set these to normal user accounts and
then have a specific account for administration.

Debian uses the root / user system and you can also add users to the
sudo(ers) list and group to carry out admin tasks by pre-fixing commands
with sudo.

i think the su command may still work, from, a normal account so perhaps
do this, I am not sure there is really that much to worry about.


Ubuntu does still have the root user, but by default it has no password and so can only be used interactively by an "administrative" user account using sudo.

In order to set a password for the root user, try this:
$ sudo passwd root

It is possible to completely remove the root user, and some distros that are designed to be completely locked down have done so. It takes quite a bit of work with setting up extra non-interactive accounts for services that need root access, fiddling with permissions, etc, but it can be done. Ubuntu has not done this.

Grant. :)
The Mailing List for the Devon & Cornwall LUG
FAQ: http://www.dcglug.org.uk/listfaq