Build 134: 1) Could anyone please explain why root has been converted to a role. I would venture a guess that someone somewhere believes that it is more secure to run root as a role. The whole "if root can not log directly into the box than someone can not crack the root password. Well I agree that root should not be allowed to login from the net but locking a root account out of console login relies on the user account always being valid. and how much harder is it to hack the user then move on to root, especially when the root password is the same as the users. Having root as a role is causing me many problems and I am wondering if others are in agreement or disagreement with this practice? 2) I have noticed that when sound-juicer is started by a non-root user the process runs as root and writes its files as root, WOW what a huge security hole this is. To have a non-privileged user able to start and control an application that writes files as root with root privilege to any filesystem!
Well least are root account is secure LOL, LOL, LOL I am really hoping someone can tell me that I am mistaken here! -- This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
