[NTLUG:Discuss] Virus / Worm problems
Patrick R. Michaud
pmichaud at pobox.com
Fri Oct 6 10:02:13 CDT 2006
On Fri, Oct 06, 2006 at 09:54:23AM -0500, Wayne Walker wrote:
> On Fri, Oct 06, 2006 at 09:33:25AM -0500, Terry Henderson wrote:
> > Ubuntu uses sudo for everything and has no root user account, (it is
> > dissabled by default).
> > BUT, it can easily be enabled;
> >
> > sudo passwd root
> > and then dissabled again:
> > sudo passwd -1 root
> >
> > Does this make Ubuntu more or less secure?
>
> MUCH less secure.
Interesting -- I would've posted that it's -marginally- less secure,
not that it's -much- less secure.
Why does enabling a password for root here make things significantly
less secure? (Let's assume that root is being given a reasonably
safe password -- something at least as secure as the password to
the account performing the sudo commands above.)
Pm
More information about the Discuss
mailing list