On 04/03/2014 10:32 AM, quickbooks office wrote:
"3.1.4.2.2. Disabling Root Logins
To further limit access to the root account, administrators can
disable root logins at the console by editing the /etc/securetty file.
This is done in the name of accountability, by forcing an administrative
login through an account attributable to a specific person. This,
however, only makes sense if there _actually_are_ such individual
accounts on the system.
Would this proposal be acceptable if it wasn't implemented if 'root' is
the only account?
I personally don't think even such amended proposal is a reasonable
default configuration, because systems authenticating against a domain,
and having only one local (root) account, could lock the admin out if
something happens to the network or to the domain server.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct