NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: root to ahab?

On Mon, 20 Jul 2009 09:25:02 -0700
"Aaron J. Grier" <> wrote:

> On Mon, Jul 20, 2009 at 06:17:17PM +0200, Nino on NetBSD 4.0 wrote:
> > usermod -l ahab root
> > 
> > ... and it worked. - Frankly speaking, I saw no change at all, only
> > that root was now ahab. Is this a good idea? - I mean, if someone
> > attacks your system from the outside, he would this way not even
> > know which account he wants; you could infact install a totally
> > harmless user named "root", not even member of wheel, and thus
> > guide everyone into it. I am not very well-versed in these matters,
> > it was just a funny idea... but if it is a bad one, please tell me.
> I'll let Dr. Bellovin comment on the security implications, but I
> would expect some scripts (installation, nightly maintenance runs) to
> start falling apart, since they assume the "root" account exists.

That one will require some thought, but offhand I don't see any
> let us know what you find.

Definite problems -- a quick grep shows several scripts in rc.d that
assume root (ipfs, cleartmp, perusertmp, motd, maybe others).

                --Steve Bellovin,

Home | Main Index | Thread Index | Old Index