I think he means disabling root access to X11
I believe he means disabling root access to X11 all together--not enabling console access on bootup.
I also want to know how to do this in two cases:
1. You are in xdm (kdm or gdm) and you try to log in as root (by habit).
2. You boot up in the console (by selecting console boot up in grub or lilo), log in as root, and execute startx, startkde, gnome-session, ...
In both cases I want to know how to disable X from allowing this. Then I want to know how to revert back to allowing root to access the X server again (well, probably a given, but just in case).
My guess is that it's a file permission based thing where root isn't allowed to read or execute from X directory, but the point of root is to be able to read/write/execute everywhere, so that can't work.
Maybe it's X which holds which users can and can't load up X, or if it has an option in it's configuration somewhere to disallow X from being accessed by root.
I'll agree that it's a cleaver idea to scramble the root password, but there is still an extremely big security whole when someone su's into root and accesses X by running a gui program--which is why kdesu and such exists to run a root program through a user's X...
Randomizing the root password only increases security when combined with what I want to know, so thanks very much, Simon Bridge, for that idea. That is something I will do in the meantime : )
In any case, any info would be appreciated. This is also the first link in google when searching "root access to gui," so maybe by answering this for me you can help others searching for an answer too...
Thanks in advance,
Tamus Royce
Last edited by tamusjroyce; 05-12-2008 at 06:06 PM.
Reason: refuting to just randomize the root password, though it is an excellent idea to do so anyways
|