On Thu, 2006-01-05 at 19:15 -0800, Michael A. Peters wrote: > I can't speak for Ubuntu - but OS X has a root account. > > sudo su - > > and you are root. Well any unix is not likely to get rid of root entirely, but you can eliminate the password on the account and discourage its direct use. > It weakens OS X because by default, every admin password is essentially > a root password. I'm not seeing a convincing argument as to why this is any worse than every admin knowing the root password. > In the early days it was *really* bad - as one could from a local > account do nidump passwd . and then run it through jtr to crack weak > admin passwords (and thus root the box). At least now they finally have > some sort of shadow implemented to prevent that. I don't see how weak passwords are sudo's fault.
Description: This is a digitally signed message part