[Comm-en] ALT Server 4.0 - Preventing Root Log-ins
Virtual Sky
virtualsky.sk at gmail.com
Tue Mar 2 12:06:36 UTC 2010
> В Втр, 02/03/2010 в 09:34 +0200, Michael Shigorin пишет:
>
>> On Mon, Mar 01, 2010 at 08:05:44PM -0600, Virtual Sky wrote:
>>
>>> How difficult would it be to configure my ALT Server 4.0 box to
>>> disallow 'root' user log-ins and only allow a regular user
>>> log-in and then 'su' to the root account?
>>>
>> I'd do something like this to invalidate root password:
>>
>> cp -a /etc/tcb/root/shadow /etc/tcb/root/shadow-
>> echo 'root:x:14029::::::' > /etc/tcb/root/shadow
>>
>>
>>> If easy enough to configure, how does this affect the web
>>> browser configurator interface? Can you specify a regular user
>>> as the "administrator" to log in via the web interface?
>>>
>> AFAIR no.
>>
> AFAIK, this is technically possible to login into the web interface with
> any valid user, but insufficient permissions handling is inconsistent.
> Nothing destructive should happen though, so I'd try, if I were you.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> community-en mailing list
> community-en at lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/community-en
Thanks, everybody! I figured that dis-allowing root log-in would be
easy to do, but was concerned about the web configurator interface. If
I feel brave enough, perhaps I'll give your suggestions a try. ;o)
David.
More information about the community-en
mailing list