On Mon, May 20, 2002 at 08:26:11PM +0100, Colin Watson wrote: > Like the document says, regularly su'ing to root from an account makes > compromising that account essentially equivalent to compromising root > anyway.
How so? Regularly sudo'ing, sure, since that uses the user's password as a (hopefully limited) root password. Or if the user's password and the root password are the same (which is a problem unto itself). However, I have two separate (and relatively strong) passwords for my user account and for root. In this situation, how would frequent use of su from my account "make compromising that account essentially equivalent to compromising root"? -- When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius Innocence is no protection when governments go bad. - Tom Swiss -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]