Albert Cahalan wrote: > Bernardo Innocenti writes: > >> What we're actually doing is just to disable them in the >> default installation so that malicious activities cannot >> login as root or olpc and basically own the system. > > This is NOT needed at all. > > I wrote and tested an /etc/pam.d/su modification that will > prohibit all non-wheel users from getting su to work.
What use is it if an application can login, su or sudo as user olpc with no password and _then_ su to root? You can close all the open doors one by one by ruling out logins with empty passwords like ssh does, but then what would be the difference between an empty password and no password at all? Captain Obvious just told me that on any UNIX system, setting an empty password should enable a user to login without typing a password, while disabling the password should instead disable logins by that user. The ssh default of not accepting empty passwords is just a bit too paranoid for some scenarios, and not paranoid enough for others (why not also disallow stupid passwords? :-) > Apply both if you wish, but either alone will do nicely. > There are other ways too, like SE Linux. While I would certainly consider improvements, what's wrong that we're trying to fix with this simple solution we already adopted? -- \___/ |___| Bernardo Innocenti - http://www.codewiz.org/ \___\ One Laptop Per Child - http://www.laptop.org/ _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel