RE: root login?

Glynn Clements (glynn@sensei.co.uk)
Sun, 14 Mar 1999 16:40:08 +0000 (GMT)


Alexander.vanLuijpen@nym.sc.philips.com wrote:

> In this case I wonder about the following .... is X(DM) more secure ? ...
> using XDMCP I can log in from any machine as root from my network. I know I
> can modify the Xaccess file to allow only connections from certain hosts,
> but I think this disables the general XDM login (for all users) ... can I
> also disallow root from using XDM (perhaps only from a secure workstation ?)

Logging in using xdm isn't significantly more secure than using
telnet. Someone who is sniffing the connection would have to figure
out which KeyPress events correspond to the password, which
complicates matters slightly, but that's all.

You could configure the Xsession script to terminate immediately if
the value $USER is `root'.

-- 
Glynn Clements <glynn@sensei.co.uk>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu