30 Mar
2009
30 Mar
'09
7:30 a.m.
Christopher Chan wrote:
start/stop' though from Intrepid onwards I believe. There is no root account by default.
There is a root account, you just can't access it w/o setting it's password.
And as soon as you do set it's password, I highly recommend you then completely disable and lock down the very insecure sudo defaults.
The way OS X / ubuntu / etc configure sudo is something I highly disagree with. By default, all a cracker needs is to get a local uname/password for an admin user and he can then spawn a root shell.
With sudo disabled, the cracker must also have a local exploit that gets past SELinux. Assuming Ubuntu supports SELinux (does it?)