User rights like "ROOT"
Hi Guys,
Can I creat the User same as ROOT, which can access all the Linux resource. Plz guide me.. Thanks. |
I think that if you just create a new user of any name you want but specify uid = 0 and gid = 0, you should be fine.
|
Quote:
And for ishwar, I would advise against having a user with all the same access as root. You want to look into sudo or something along those lines. Or just do it the safe way if you really need root access, just su to root. |
Why don't you just change to root when you have to do whatever you have to do? Otherwise, su is definately the best way......either that, or changing to a different virtual terminal or something. Having another user with root permissions is bad practise!
|
What about adding a user same as root and then deleting the root account. Not sure if that would mess things up, but gives hackers a hard time since they would be trying root.
|
How about we just give them the correct way of doing it and tell them to setup a regular user along with sudo setup, or just su to root when needed.
Creating a user with all of root's access is a bad idea, bottom line. And its a bad idea to remove root from the system. Come on people, give good advise or don't reply at all. |
im not trying to be rude or anything i just dont understand, why would it be a bad idea to revome root if you have another user with all of roots user settings?
|
Quote:
|
blither, take a look at things like /sbin and most of the files on your system actually. Most of them will be owned by root. If you did change, you'd have to reown everything to this new user, amongst many other things. It really wouldn't be worth it, after all, if a cracker finds out your root password, they don't also have to know the root username. su - and enter roots pass and they are in.
It's security by obscurity, and that's no security at all. You give yourself a false sense of security with something like that. The work involved would be great, for little to no good out of it. A better idea is to frequently change root's password, or make it so damn hard to figure out, that it wouldn't be worth the time and effort. Cool |
Actually, adding another user with uid 0 and gid 0 (although stupid)
wouldn't damage anything. The ownership of files isn't done by username, but by id. ls just translates the uid/gid to username/group. For example, at work we have an appliance that is just a disk writer (CD/DVD). To access the cdrecord program from a networked computer, I've written a script to log into the appliance as a specific user. When that user logs in, a Perl script is run and presents the user with a menu for burning CDs/DVDs. I also want to be able to edit the Perl script as someone other than root, so I've got another username with the same uid/gid but a different login shell. So, I can log into the appliace as the admin user and edit the Perl script that is the login shell for the other user. I don't have to worry about permissions or anything like that, since the filesystem recognizes these two users as one, and I don't have to log in as root and fix the ownership of the file every time. |
That's pretty cool, and useful too. Thanks moses, it's one of those things that knowledge is power, and can be used to do great things, or terrible things. LIke the force. :D
I don't know if I've already asked you, but are you aware of affero? You should sign up? http://www.linuxquestions.org/questi...threadid=37249 http://www.linuxquestions.org/questi...threadid=36418 http://www.linuxquestions.org/questi...threadid=25730 I've tried to comment for you a couple times, but it appears you haven't signed up. Cool |
I'm signed up. I guess the button link doesn't point to the same place
as the link in my .sig. . . Hmmm. . . I guess I should figure out how to fix that. Any ideas? Nevermind, I just read the relevant post. I hadn't realized (though I should have) that I needed to add my affero username to my profile. . . Got it now. =-} |
:) Thanks. I finally was able to affero you!
Cool |
Thanks dood! =-} I do the best I can. . .
|
All times are GMT -5. The time now is 11:46 PM. |