User rights like "ROOT"
 

Hi Guys,

Can I creat the User same as ROOT, which can access all the Linux resource.

Plz guide me..

Thanks.

I think that if you just create a new user of any name you want but specify uid = 0 and gid = 0, you should be fine.

That's a bad idea and only mess things up even more.

And for ishwar, I would advise against having a user with all the same access as root. You want to look into sudo or something along those lines. Or just do it the safe way if you really need root access, just su to root.

Why don't you just change to root when you have to do whatever you have to do? Otherwise, su is definately the best way......either that, or changing to a different virtual terminal or something. Having another user with root permissions is bad practise!

What about adding a user same as root and then deleting the root account. Not sure if that would mess things up, but gives hackers a hard time since they would be trying root.

How about we just give them the correct way of doing it and tell them to setup a regular user along with sudo setup, or just su to root when needed.

Creating a user with all of root's access is a bad idea, bottom line. And its a bad idea to remove root from the system. Come on people, give good advise or don't reply at all.

im not trying to be rude or anything i just dont understand, why would it be a bad idea to revome root if you have another user with all of roots user settings?

Mostly because of the amount of work it would take to reconfigure the entire system, (not to mention the security issues), and we already have two tools designed to allow people who know the root password to attain root rights when needed, "su" and "sudo".

blither, take a look at things like /sbin and most of the files on your system actually. Most of them will be owned by root. If you did change, you'd have to reown everything to this new user, amongst many other things. It really wouldn't be worth it, after all, if a cracker finds out your root password, they don't also have to know the root username. su - and enter roots pass and they are in.

It's security by obscurity, and that's no security at all. You give yourself a false sense of security with something like that. The work involved would be great, for little to no good out of it.

A better idea is to frequently change root's password, or make it so damn hard to figure out, that it wouldn't be worth the time and effort.

Cool

Actually, adding another user with uid 0 and gid 0 (although stupid)
wouldn't damage anything. The ownership of files isn't done by username,
but by id. ls just translates the uid/gid to username/group.
For example, at work we have an appliance that is just a disk writer
(CD/DVD). To access the cdrecord program from a networked computer,
I've written a script to log into the appliance as a specific user. When
that user logs in, a Perl script is run and presents the user with a menu for
burning CDs/DVDs. I also want to be able to edit the Perl script as
someone other than root, so I've got another username with the same
uid/gid but a different login shell. So, I can log into the appliace as the
admin user and edit the Perl script that is the login shell for the other user.
I don't have to worry about permissions or anything like that, since the
filesystem recognizes these two users as one, and I don't have to log in as
root and fix the ownership of the file every time.

That's pretty cool, and useful too. Thanks moses, it's one of those things that knowledge is power, and can be used to do great things, or terrible things. LIke the force. :D

I don't know if I've already asked you, but are you aware of affero? You should sign up?
http://www.linuxquestions.org/questi...threadid=37249
http://www.linuxquestions.org/questi...threadid=36418
http://www.linuxquestions.org/questi...threadid=25730

I've tried to comment for you a couple times, but it appears you haven't signed up.

Cool

I'm signed up. I guess the button link doesn't point to the same place
as the link in my .sig. . . Hmmm. . . I guess I should figure out how
to fix that. Any ideas?

Nevermind, I just read the relevant post. I hadn't realized (though
I should have) that I needed to add my affero username to my
profile. . . Got it now. =-}

:) Thanks. I finally was able to affero you!

Cool

Thanks dood! =-} I do the best I can. . .