Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)

From: Valdis.Kletnieks@xxxxxx
Date: Fri, 02 Feb 2007 01:38:20 -0500

On Fri, 02 Feb 2007 13:25:11 +0800, Eduardo Tongson said:

On 2/2/07, Xavier Beaudouin <kiwi@xxxxxxx> wrote:
<>

Allowing direct root login even with SSH is IMHO stupid...

Please elaborate why is it IYHO stupid.

In environments where more than 1 person has root access, allowing direct
login to root means you can't keep an audit trail of which person logged in.

And if your environment only one person has root access, that's just looking
for a DoS if the one person is hit by a bus.....

Attachment: pgp58ATDUc5Jh.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Raj Mathur

References:
- [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Gianluca Giacometti
- Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Knud Erik Højgaard
- Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Paul Schmehl
- Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Xavier Beaudouin
- Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
  - From: Eduardo Tongson

Prev by Date: [Full-disclosure] Hushmail from propolice@gmail.com
Next by Date: [Full-disclosure] Hushmail from Valdis.Kletnieks@vt.edu
Previous by thread: Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
Next by thread: Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
Index(es):
- Date
- Thread

Relevant Pages

Re: Software configuration management tool required
... > SNMP should be looked to ... Development systems were essentially production environments where the ... One of the things they implemented was taking root away from everyone ... Some admins just won't like it and will rebel, ...
(comp.unix.admin)
Re: [Perfctr-devel] RE: [perfmon] Re: quick overview of the perfmon2 interface
... > environments, this is more practical than having to recompile a custom kernel. ... > installs the tool it also installs the module. ... root privileges to get at normal functionality. ...
(Linux-Kernel)
Live Upgrade - synclist with ZFS
... ZFS root. ... lucreate -n rpw1 ... A Live Upgrade Sync operation will be performed on startup of boot ... Note the error about the file changing on both environments. ...
(SunManagers)
Re: Fedora and I are not mixing
... thing I need to fix is the "exit" command. ... root, when I need to log out I type in exit and the ... tring to get this set up for production, but I cant launch this into ... web-listed guidelines into new environments from incompatible old ...
(comp.os.linux.setup)
Re: root | su
... him why what he's doing is improper or foolish, or simply pull his root ... If this is a work-related incident, talk to your boss ... complete tool -- imagine Dilbert's boss with basic UNIX CLI and "how to ... didn't have root access to determine what the problem was, ...
(freebsd-questions)