Subject: Re: CVS commit: src
To: NetBSD-current Discussion List <current-users@netbsd.org>
From: Greg A. Woods <woods@most.weird.com>
List: current-users
Date: 03/16/1999 14:01:41
[ On March 16, 1999 at 10:52:27 (-0500), Perry E. Metzger wrote: ]
> Subject: Re: CVS commit: src
>
> toor typically had no password.

Only until someone uses it, and people do use things that are made
available for them to use.

I'd also guess that with the last decade's worth of information about
computer security sitting in the back of everyone's mind that they'd
also be just as likely to give it a different password.  Admittedly the
increase in probability of guessing one of two different passwords is
very small.

However human factors may enter into the equation.  Say for example
you've had both passwords the same, then you're fired from your job of
managing such a system and someone else changes all the root passwords,
but doesn't realize, or doesn't have the skills to discover, that there's
this "back-door" superuser account you still know the password for....

I think the real issue is that multiple uid==0 accounts *might*
represent an increased security risk in some circumstances and thus it's
not advisable to "recommend" this type of configuration in the default
system install.  Those who know what they're doing and who hopefully
know how to do a security risk assessment (even if just by the seat of
their pants) can easily add multiple uid==0 accounts after the fact
whereas it's impossible to undo damage already done.

Anyway we can all argue both sides of this issue six ways to Sunday
until our faces turn blue and we wouldn't necessarily solve anything.
Someone needs to take responsibility for this issue and make the
decision either way stick, because ultimately it doesn't really matter
what the default system looks like -- just that people are aware of the
risks in *their* own specific situations, and hopefully the standard
warranty disclaimer will protect both whomever makes the decision and
those that release the resulting product.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
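The "multiple uid==0 accounts" risk the message argues about is easy to audit for on an installed system. The script below is an added example, not part of the original thread or of NetBSD; it assumes a passwd(5)-format file (on NetBSD the hashed field lives in /etc/master.passwd, whose leading fields have the same layout) and runs against a constructed sample rather than a live system.

```shell
#!/bin/sh
# Added example (not from the original thread): audit a passwd-format file
# for more than one uid-0 account and for uid-0 accounts with an empty
# password field, the "toor typically had no password" case above.
# Usage: pass the path of a passwd(5) / master.passwd(5)-style file.

# Print every uid-0 account name other than root, one per line.
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Print every uid-0 account whose password field is empty (no password set).
passwordless_uid0_accounts() {
    awk -F: '$3 == 0 && $2 == "" { print $1 }' "$1"
}

# Number of uid-0 accounts; a default install with only root reports 1.
count_uid0_accounts() {
    awk -F: '$3 == 0 { n++ } END { print n + 0 }' "$1"
}

# Constructed sample (not a real system file): root with a placeholder hash,
# a toor entry with an empty password field, and two ordinary entries.
SAMPLE_PASSWD="$(mktemp)"
trap 'rm -f "$SAMPLE_PASSWD"' EXIT
cat > "$SAMPLE_PASSWD" <<'EOF'
root:PLACEHOLDER_HASH:0:0:Charlie &:/root:/bin/sh
toor::0:0:Bourne-again Superuser:/root:/bin/sh
daemon:*:1:1:The devil himself:/:/sbin/nologin
alice:PLACEHOLDER_HASH:1000:100:Alice:/home/alice:/bin/sh
EOF

echo "uid-0 accounts: $(count_uid0_accounts "$SAMPLE_PASSWD")"
echo "uid-0 accounts other than root:"
extra_uid0_accounts "$SAMPLE_PASSWD"
echo "uid-0 accounts with an empty password field:"
passwordless_uid0_accounts "$SAMPLE_PASSWD"
```

On a real host, point the functions at /etc/master.passwd (read as root) instead of the constructed sample; any output from the last two functions is worth a closer look.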