Michael A. Peters wrote:
Christopher Chan wrote:
start/stop' though from Intrepid onwards I believe. There is no root account by default.
There is a root account, you just can't access it w/o setting it's password.
Oh you can. sudo -i. Now go away.
And as soon as you do set it's password, I highly recommend you then completely disable and lock down the very insecure sudo defaults.
And pick up the pieces. You do know that certain services are tightly tied into the way things are currently set up?
The way OS X / ubuntu / etc configure sudo is something I highly disagree with. By default, all a cracker needs is to get a local uname/password for an admin user and he can then spawn a root shell.
Not getting into that argument.
With sudo disabled, the cracker must also have a local exploit that gets past SELinux. Assuming Ubuntu supports SELinux (does it?)
Unfortunately, yes...but not as extensive as RHEL. So not quite a win for Ubuntu yet in helping you guys migrate. Soon I am going to get banned. :-D