Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I'm running RHEL5.x. Does anyone know of a setting or rpm available, to apply all of the password complexity rules, ie min-len, reuse, char-types, etc to the root user? I have the proper settings and for all users except root, these settings are forced. If I change a password as root user, the system complains if I don't meet complexity rules but still accepts the changes. This isn't just for root changing its own password, but root changing any password, such as when running as system administrator
Distribution: Solaris 9 & 10, Mac OS X, Ubuntu Server
Posts: 1,189
Rep:
From a practical point of view, you got the warning and should provide a new password that meets the rules. There is really no difference other than that root has to be trusted and might sometimes have reasons for breaking rules.
The correlary is that you shouldn't give root out to anyone you don't trust. There should be an absolute minimum of people allowed root access, and they should be trusted, reliable and knowledgeable.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
