Linked by Eugenia Loli on Wed 22nd Mar 2006 02:44 UTC
Mac OS X In Mac OS X, the root account is disabled by default. The first user account created is added to the admin group and that user can use the sudo command to execute other commands as root. The conventional wisdom is that sudo is the most secure way to run root commands, but a closer look reveals a picture that is not so clear.
Permalink for comment 106611
To read all comments associated with this story, please click here.
The article misses the point.
by subterrific on Wed 22nd Mar 2006 04:46 UTC
Member since:

- Commands executed in a root shell aquired with sudo -s are logged to the users shell history file. Besides, if someone has gained root on your box you've got bigger problems than "what commands did they execute". You might as well wipe the box clean.

- If you think someone can guess your user password and then gain root with sudo, the solution isn't to enable root. The solution is to pick a better password and change it often.

I still haven't heard one good reason for enabling the root user.

Reply Score: 5