[800] in linux-security and linux-alert archive
Re: [linux-security] Admin note (recent traffic surge).
daemon@ATHENA.MIT.EDU (Felix von Leitner)
Thu Jun 13 15:38:46 1996
Date: Thu, 13 Jun 1996 21:03:11 +0200
From: leitner@prz.tu-berlin.de (Felix von Leitner)
To: woody@altair.stmarys-ca.edu (Woody Weaver)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <m0uTbSu-0005KYC@altair.stmarys-ca.edu>; from Woody Weaver on Jul 11, 1996 14:59:00 -0700
Thus spake Woody Weaver (woody@altair.stmarys-ca.edu):
> It is reasonable to have two uid 0 accounts? The idea is to minimize
> risk but not permit single points of failure. The downside, of
> course, is that with both "root" and "tuber" things like ftp or nfs
> access to tuber do not have built in protection as it does against
> root, so ideally one would have to patch daemons to recognize both
> accounts as special (or get the authors to protect against uid 0
> accounts rather than a specific username).
The NFS protection is against UID 0, not against the user name "root".
Felix