LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-16-2004, 07:34 PM   #1
paeng16
Member
 
Registered: May 2004
Posts: 47

Rep: Reputation: 15
Question changing UID of a user to "0"


Hi,

I changed the UID of a regular user account to 0 and root to 600 and the regular user account can execute root priviledges. I wonder if it is posible to have 2 or more root users on a linux box?

Thanks
 
Old 06-16-2004, 09:00 PM   #2
kvedaa
Member
 
Registered: Mar 2004
Location: Virginia
Distribution: PacketProtector
Posts: 331

Rep: Reputation: 30
I know of no reason why you cannot have multiple users as root (i.e. UID 0). Keep in mind that when you make a file as a user with a UID of 0 it will not display that users name of the user who created it (when you do a ls -l). As I understand it, the ownership of a file is not saved as the username (or group name as the case may be), but as the UID (or GID), so your "regular user" with a UID of 0 will create files with this UID and since the first user to translate out to the UID in the /etc/passwd file will likey be root, root will show as the owner of these files.

Also please keep in mind all of the standard warning messages that go along with extensive use of a root (UID 0) account. It is amazingly easy to do very bad things to your system in a hurry if you are not careful.
 
Old 06-16-2004, 09:21 PM   #3
paeng16
Member
 
Registered: May 2004
Posts: 47

Original Poster
Rep: Reputation: 15
I was gonna use this on one of the servers on my office. One programmer has changed the root password and didn't gave me a copy. I tend to change my account's UID to 0 as a BACK-DOOR to root access without him knowing. Do you think this is the best resort for my situation?
 
Old 06-16-2004, 10:19 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Whoever is admin of the box is much better using sudo to give other users access to root level commands. Giving out the root password to multiple users or having multiple UID 0 acounts is really a bad idea and can cause problems (users being able to lock the admin out is just one example) and also is a logging nightmare. Plus with sudo, you can limit what access the "privileged" users have on a more granular level.
 
Old 06-16-2004, 11:09 PM   #5
paeng16
Member
 
Registered: May 2004
Posts: 47

Original Poster
Rep: Reputation: 15
Talking

thanks for your reply.
 
Old 06-16-2004, 11:31 PM   #6
phek
Member
 
Registered: Jul 2001
Location: California, US
Distribution: Slackware
Posts: 196

Rep: Reputation: 30
My workstation has 2 users with the UID of 0 and I havent noticed any issues in the 3 years that I've had it set up like this other than any files created by the non root named one says they're owned by root ( which is just because root is at the top of the list in /etc/passwd ). Back when I set this up though I did notice a lot of problems with getting rid of the root user so I wouldn't recommend trying that. What I did on my machine was set my root password to 100+ character password that way it wont be easy to crack the password for about another 50 years. Make sure you remember what the password is though because there are times that some programs ask for your root password ( like when you have issues changing to a RW root file system on boot. )
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mambo: changing "Poll" to say "Encuesta" eantoranz Linux - Software 2 03-28-2006 11:35 AM
User "list" running process "python" TroelsSmit Linux - Newbie 2 02-22-2005 04:55 AM
pam_succeed_if: requirement "uid < 100" not met by user Phonics3k Linux - General 3 12-17-2004 09:13 AM
"User" & "System" CPU load difference JJX Linux - General 3 06-06-2004 01:42 AM
Shorten a Qmail user name to "user" instead of "user@domain.com" anorman Linux - Software 0 12-12-2003 08:29 AM


All times are GMT -5. The time now is 07:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration