Aaron,
In my time while I have been reading many of the messages on this mailing list,
I have seen some of the best attempts to answer this and they have come up with
superior answers. Now that they have taken their turn, I don't want to tax them
anymore, so I'll take a stab at this.
If you don't mind opening yourself to a host of bombardments, then go to your
/etc directory and look into the security files and open more tty...'s to get in
as root. I can guarantee that the first time your security is compromised you
will not only wish you had listened, but you'll notice that a complete overhaul
is needed in order to repaired any damage.
Now, in the infinitely and well thought out wisdom of those who passed down the
Linux OS, they came up with a natural installment to allow security to be the
first issue of priority for installations for the advanced and beginners. If a
backlash was to occur at any moment in the system, it would be less easier to
corrupt the system, then to just allow anyone to waltz in at their leisure.
Building a security wall is far much harden then creating a program to service
other users. If you're asking why, then let me give an analogy. If you placed a
lock on a door - you only keep the honest people out, but the hack/burglar would
just be detained by 5mins or less. The more security, the more you detain your
burglar!?!?!?
This is not sarcasm, but just food for thought. I hope it makes your day more
comfortable knowing others were looking after your needs.
*************************************************************************
Signed,
Grateful to Help
_____________________________Reply_Separator_____________________________
Aaron Blair wrote:
> > It's a security issue. Any privileged login from anywhere other than
> > the local console is a high security risk.
>
> What if you don't have local access to your own box?
>
> > The way this should be done is to telnet in as an ordinary user, then
> > su to root from there.
>
> How is that any more secure than than logging in as root to begin with?
>
> > It is possible to connect directly as root from a network connection
> > with ssh, but that's another issue.
>
> 99% of system crackers never log in directly as root anyway. Rather they log
> in as a non-privilaged user and go from there.
>
> Don't get me wrong, I've always made it prudent to not log in as root
> directly, but I'm really curious as to why this would be such a bad thing?
> What is the major security risk in logging in directly or logging in as a
> non-privilaged user and then su-ing?
-====---====---====---====---====---====---====---====---====---====---====-
to unsubscribe email "unsubscribe linux-admin" to [EMAIL PROTECTED]
See the linux-admin FAQ: http://www.kalug.lug.net/linux-admin-FAQ/
