<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 04/03/2014 10:32 AM, quickbooks
"22.214.171.124.2. Disabling Root Logins
To further limit access to the root account, administrators can
disable root logins at the console by editing the /etc/securetty file.
This is done in the name of accountability, by forcing an
administrative login through an account attributable to a specific
person. This, however, only makes sense if there _actually_are_ such
individual accounts on the system. <br>
Would this proposal be acceptable if it wasn't implemented if 'root'
is the only account?<br>
I personally don't think even such amended proposal is a reasonable
default configuration, because systems authenticating against a
domain, and having only one local (root) account, could lock the
admin out if something happens to the network or to the domain