[Ti] need root help

Kynan Shook kshook at cae.wisc.edu
Sun May 30 15:33:12 PDT 2004


Enabling the root user is not a security risk; it's just risking 
allowing an uninformed user to do things he or she shouldn't.  Even 
"sudo" is a risk that way; a sudo rm can do major damage if you put a 
space in the wrong location in the path name.  The only way that 
enabling the root user would be a security risk is if it has a weak 
password, in which case your admin account is probably at a similar 
risk.

As long as you take care to make sure you know what you're doing 
whenever in root mode (whether by su, sudo, or logging in as root), you 
should be fine.  If you have any doubts, then don't use it.  And, even 
if you are the most experienced user, check anything you type BEFORE 
you press return; lots of experienced sysadmins can tell stories of how 
they did major damage because of a little typo.  The warning you see 
the first time you run sudo says it all: "Think before you type."


"Tom R. no spam" <tr5374 at csc.albany.edu> writes:
> Always worth mentioning that having root user enabled can be
> a significant security vulnerability.  That's why it's not
> activated in default state of OSX, having the "sudo" command
> line functionality available instead.  And if Kynan's system is
> in this irregular a state after his actions, this root being
> available even tho the system seems not to know it seems
> worth being concerned about.



More information about the Titanium mailing list