Subject: Re: "Don't login as root, use the su command."
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Greywolf <firstname.lastname@example.org>
Date: 02/11/2000 22:57:16
On Thu, 10 Feb 2000, der Mouse wrote:
# > Besides the fact that it is indeed inherently bad security to log in
# > directly as root (this need not turn into a security thread folks),
# Um, if you don't want it to turn into a security thread, don't make
# dogmatic security statements that aren't true!
# Direct logins as root are not inherently bad security. Like most
# things, they have problems and benefits, and in some environments, the
# problems outweigh the benefits; in others, it's the other way around.
A system is only as secure as its administrative staff. If the staff is
careless and doesn't know how to configure the box, it will not be a secure
I get annoyed with the message every time I install a new system, but
that's nothing a "vi .cshrc /.cshrc" won't cure. It's certainly not
a sufficient annoyance to warrant changing things in the distribution,
at least not to me.