On Mar 16, 2005, at 4:04 AM, Serban Udrea wrote:
> 1) I created a new user without initially receiving any warnigs, but 
> the day after, there was  a warning in the daily security report I get 
> by email. It was about the fact that the username is longer than 8 
> characters. Is this to be taken serious? I thought that nowadays the 
> limitation of usernames to 8 chars is history.

There is still a fair amount of software out there which assumes 8-char 
usernames.  Exceed that limit at your own risk.

> 2) All scripts in /etc/rc.d have 555 permissions and /etc and /rc.d 
> have 755 permissions. Thus any user can at least try to execute 
> scripts from /etc/rc.d. I thought that this scripts are supposed to be 
> run only by root.

The scripts are intended to be run by root during the startup process.  
Some of these scripts use "su" to run a daemon as some other user, and 
it is reasonable for non-root users to run them, too...

-- 
-Chuck