Unix Power ToolsUnix Power ToolsSearch this book

49.10. Never Log In as root

The easiest way to allow a cracker into your system is to provide external root login access. In particular, if you allow root access through an unprotected and open protocol such as telnet, you're almost guaranteeing that your Unix box is going to be violated at some point.

To prevent this, most Unix systems don't allow remote login into the system as root. Instead, you log in under another username and then su to root once you're within the system.

Disabling root access differs between systems. If your box has an /etc/securetty file, this lists ttys that allow root access. Removing this file or removing its contents will disable root access.

In Solaris, a line within /etc/default/login file is commented out if remote root login is allowed:

#CONSOLE=/dev/console

Uncomment the line to allow root access through the system console. To completely disable console access, remove the /dev/console from the line:

CONSOLE=

-- SP



Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.