[Ti] need root help
Kynan Shook
kshook at cae.wisc.edu
Sun May 30 15:33:12 PDT 2004
Enabling the root user is not a security risk; it's just risking
allowing an uninformed user to do things he or she shouldn't. Even
"sudo" is a risk that way; a sudo rm can do major damage if you put a
space in the wrong location in the path name. The only way that
enabling the root user would be a security risk is if it has a weak
password, in which case your admin account is probably at a similar
risk.
As long as you take care to make sure you know what you're doing
whenever in root mode (whether by su, sudo, or logging in as root), you
should be fine. If you have any doubts, then don't use it. And, even
if you are the most experienced user, check anything you type BEFORE
you press return; lots of experienced sysadmins can tell stories of how
they did major damage because of a little typo. The warning you see
the first time you run sudo says it all: "Think before you type."
"Tom R. no spam" <tr5374 at csc.albany.edu> writes:
> Always worth mentioning that having root user enabled can be
> a significant security vulnerability. That's why it's not
> activated in default state of OSX, having the "sudo" command
> line functionality available instead. And if Kynan's system is
> in this irregular a state after his actions, this root being
> available even tho the system seems not to know it seems
> worth being concerned about.
More information about the Titanium
mailing list