theoretical question - can root's username be changed?

[Jeff Vian]

On Fri, 2005-12-02 at 08:34 -0500, Claude Jones wrote:
> On Fri December 2 2005 8:23 am, Matthew Miller wrote:
> > Beyond that, the name you pick doesn't really matter, since the power is in
> > uid/gid 0, not in the name. And, someone trying to break in other than
> > through password-guessing (which they won't even be able to try if you
> > block external root logins) won't care what the name is; they'll aim for
> > uid 0. (In fact, a common system-hacker thing to do is create a second
> > account with uid 0.
> 
> This is getting at what I was trying to understand - 
> This raises another question. A constant suggestion I've read is to block root 
> logins and use sudo. If someone breaks in using my login/pw combo, what's to 
> prevent them from using sudo to get root privileges? If they've hacked my 
> username/password, then wouldn't sudo be the first thing they'd try, too?

You are correct in that.  That is also the reason the suggestions are
very strong that all users must have strong passwords, and that users
have different passwords on different servers.

Script kiddies can easily use the root account to try and hack in
because of the known name.  It is a little harder to identify another
user and try to hack in that way, but even if they succeed with a normal
user account it also still means they need another method to get root
privileges. 
This means that breaking in with a regular user account does not give
them root access directly.

Sudo is one quick way to allow them the root access and as such even
limited commands should be restricted to only those users that actually
need it and that also use strong passwords.

Security is not a single shell which opens up everything with a single
crack, but rather layers that all working together do the job.

> -- 
> Claude Jones
> Bluemont, VA, USA
>