1) no, odds are its no more secure because depending on the OS's they may be able to see the different OS's partitions (even if you don't mount them). This is assuming multi-boot, not VMs.
2) That said, who do you anticipate will compromise your security seeing as you either are multibooting - in which case unless you use LDAP to manage your users you're in for fun times keeping things synchronized and odds are this will only be for you, so really it makes no difference. Alternatively, you're doing VMs. in which case having 5 different root passwords is probably sensible.
I say "probably" because if you're maintaining five different OSs and are having users connect to them remotely, and you don't know about the security implications that may arise from those choices, odds are you have other gaping holes.
3) One password per user, per OS, is rather unmaintainable in the real world. If this is just for you, but the systems are online (again VMs) then odds are you'll be compromised for other reasons. See point 2. If this is for a host of users, and they can ssh to your hosts, you won't be able to enforce password skews efficiently anyway. Nevermind that you'll never get anything done seeing as your clients will constantly be calling you because they're confused, or because someone hacked an account because a client wrote his/her passwords down (so they wouldn't get confused).
4) Summary: complex systems are generally less secure than simple ones. Use individual root passwords per hosts, use alike passwords per user per groupable service (eg one password for Linux, one for FreeBSD and one for Windows; or one for webservers, one for database servers and one for fileservers) but keep in mind that at the end of the day you have little control as to what your users will do.
Last edited by chakkerz; 01-03-2009 at 06:01 AM.
Reason: typographical fixes, minor clarifications
|