Re: [cobalt-users] root password on RaQ4

[Diana Brake <diana@xxxxxxxxxxxxx>]

At 03:55 PM 8/3/01, Dave wrote the last bit:
> Sent: Tuesday, July 31, 2001 10:59 PM
> Subject: RE: [cobalt-users] root password on RaQ4
>
>
> >I want to change root password afterwards. From the control panel I
> >can only see how to change
> >admin password.
>
> : >If changing root's password could possibly screw something up, I'd
> : >love for someone from Cobalt (Jeff Lovell?) to come in here and tell
> : >me what - because I know of no 'cons' to the issue, only 'pros'.
>
> I'm a little hazy on having two different passwords for root and admin.
> For instance, *if* the badguy gets the root password it's all over, I
> understand this.  On the other hand, *if* they get the admin password,
> wouldn't it make sense just to run to the GUI and change the admin
> password which would now give them the root pass as well?
>
> Dave~

Hi,

Yes, I agree with Dave. That is why I disabled the admin user's shell 
access completely. I have another completely different ID that never gets 
mail, never FTPs, never logs into the GUI, and is the only user on the 
system that can become root and its password is entirely different than 
root's.  Now if someone manages to grab my admin user password..sure they 
can still do tons of damage through the GUI, but they can't telnet/ssh period.

Just one more obfuscation I know...but I like it..:)

see ya,
Diana
Crest Communications, Inc.		diana@xxxxxxxxxxxxx
Beautiful Sunny Florida		http://crestcommunications.com/
352-495-9359, 425-732-9785 fax