how to create a root equivalent user in linux?
Rich Burroughs
rich at paranoid.org
Thu Dec 16 20:45:57 UTC 2004
Wong Kwok-hon wrote:
> How about create a user root1 and given it to root group ?
It sounds like that's basically what he did, he put it in group zero.
The problem is that most files are not set to that group, so being in it
is not that much of a help. Plus, files often have permissions that
allow the owner different privileges than the group. For example, it's
very common to see files set to 755 or 644, where the group has less rights.
Sometimes hackers will add an additional user with group 0 and uid 0 but
a different username, as a backdoor. That way if the root password is
changed but the admin doesn't notice this other user, they can still get
root.
To the original poster - if you're wanting to set up an additional user
on your own system that can do all the things root can, the first
question I have is, why? If you have access to the root account, you can
use that. But if you really feel the need to do it, the best method is
to use sudo as other people have mentioned. And it's best to restrict
the sudo access to as few commands as possible, so that the new user can
do what they need to without having the run of the entire system.
Rich
More information about the fedora-list
mailing list