theoretical question - can root's username be changed?
Jeff Vian
jvian10 at charter.net
Fri Dec 2 13:34:25 UTC 2005
On Fri, 2005-12-02 at 08:47 +0200, Markku Kolkka wrote:
> Claude Jones kirjoitti viestissään (lähetysaika perjantai, 2.
> joulukuuta 2005 06:16):
> > Why the word 'feeble'? If everyone in the
> > Linux world knows that the chance is good that there is a user
> > called 'root' on any given Linux box, and that user has nearly
> > unrestrained privileges, why would it be feeble to double the
> > guessing that must go on to get at root's privileges, by
> > changing his username.
>
> Because the privileges are bound to UID=0, not to any particular
> username. Changing the username doesn't add security in any way
> because root exploits try to change the effective UID to 0 or
> try to change the operation of a process already running at UID
> 0.
>
The privileges are given to UID 0, but many things depend on the name as
well so it becomes very difficult to remove the username.
As long as the administrator uses strong passwords by default, changes
them periodically (some say frequently), and restricts remote access to
that account it is reasonably secure to have the root user there.
Changing the username would add some small amount of security because
then the password hacks would fail with the root account. The exploits
that depend on the UID though would not be affected in any way by
removing the root user.
> --
> Markku Kolkka
> markku.kolkka at iki.fi
>
More information about the users
mailing list