[52247] in North American Network Operators' Group
Security Practices question
daemon@ATHENA.MIT.EDU (John M. Brown)
Sun Sep 22 18:23:17 2002
Date: Sun, 22 Sep 2002 15:22:11 -0700
From: "John M. Brown" <john@chagresventures.com>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
I have question for the security community on NANOG.
What is your learned opinion of having host accounts
(unix machines) with UID/GID of 0:0
otherwords
jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh
The argument is that way you don't hav to give out the root password,
you can just nuke a users UID=0 equiv account when the leave and not
have to change the real root account.
Now, don't flame me over the question, but provide valid pro's or con's
for this practice from your experience.
thank you.
the reason I'm asking is important.
john brown
