On Wed, Feb 04, 2015 at 08:18:23AM -0800, Keith Keller wrote:
On 2015-02-04, James B. Byrne byrnejb@harte-lyne.ca wrote:
One might question why *nix distributions insist on providing a known point of attack to begin with. Why does user 0 have to be called root? Why not beatlebailey, cinnamon or pasdecharge?
That is more or less what OS X does. User 0 still exists, and it's labelled as "root", but there is no way (unless the owner goes way out of his way) to actually log in as root. The first account created is given full sudo access, and can choose to grant sudo to subsequently created users. (Users with sudo can still get a root shell, but that's not the same as logging in as root.)
I thought Ubuntu did this as well, but I haven't installed Ubuntu for quite a while. Anyone know?
Yes, I think they were one of the first ones to do it. I remember thinking at the time, ah, copying Apple.