John Baltutis wrote: >On 06/06/05, Eric F Crist <ecrist at secure-computing.net> wrote: > > >>~flipper wrote: >> >> >>>If a root account is enabled, and I log in as root, I can go anywhere >>>on the computer into 'my' 'root' 'home', into other accounts, etc). >>>But with no root enabled, there are 'walls'...sudo, or no sudo. >>> >>> >>> >>If I'm not mistaken, root disable, or not, you can still sudo su - and >>go wherever you want to. >> >> > >You're mistaken. When you launch Terminal, it normally starts up in your >home directory. Now, if you enter this command: > >$sudo cd /private/var/root > >enter your admin password, you're not taken there. > >If you enter: > >sudo open /private/var/root/ > >then, the Terminal pops up a dialog box with this admonition: > >"The folder "root" could not be opened because you do not have sufficient >access privileges." > >The only way to execute those commands successfully is to enable the root >user via the NetInfo Manager.app. > > No he is not. Let me break it to you this way. $ sudo su - password: # echo "Hello ladies." Basically, you have just spawned a login shell as root through sudo... if you were anal enough you could also do this: $ sudo bash password: # There, you just ran bash as root. Hence you have a root shell. What is so hard to grasp in this concept? Sudo runs something as root, as simple as that... -- Alexandre Gauthier supernaut at underwares.org underwares.org Obscure IT knowledge Open Database The human brain operates at only 10% of its capacity. The rest is overhead for the operating system.