Root password and ssh?
Bradley Hook
bhook at kssb.net
Wed May 14 20:46:04 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'd have to ask why your music files and images are owned and readable
only by root. Doesn't make much sense. You don't run your media player
as root, do you? Config files should be chmod 640 to root, and certain
executables as well, but content and such should be in the arena of
normal users. And you WANT to inconvenience your users if they are
trying to do something as insecure as logging in over ssh as root. I do
hope that OM isn't set up to run everything as root by default...
Mo Abrahams wrote:
| Except for if music files, images etc. on the phone are owned by root,
| in which case we wouldn't be able to access them via ssh.
|
| On Wed, 2008-05-14 at 09:54 -0500, Stephen Shelton wrote:
|> Why not disable login as root? Seems pretty simple, and IMO a good
practice in
|> general. I assume logging in as foo user works as normal...?
|>
|
|
| _______________________________________________
| Openmoko community mailing list
| community at lists.openmoko.org
| http://lists.openmoko.org/mailman/listinfo/community
|
|
- --
~Bradley Hook
Education Systems Administrator
Kansas State School for the Blind
1100 State Avenue
Kansas City, KS 66102
Voice: (913) 281-3308 ext. 363
Mobile: (913) 645-9958
Facsimile: (913) 281-3104
http://www.kssb.net
******************************************************************************************
Confidentiality Statement:
This message and accompanying documents are covered by the Electronic
Communications Privacy Act, 18 U.S.C. 2510-2521, and contain information
intended for the specified individual(s) only. This information is
confidential unless explicitly indicated otherwise. If you are not the
intended recipient or an authorized agent responsible for delivering it
to the intended recipient, you are hereby notified that you have
received this document in error and that any review, dissemination,
copying, or the taking of any action based on the contents of this
information is strictly prohibited. If you have received this
communication in error, please notify the sender immediately by E-mail,
and delete the original message.
******************************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIKzNsdLuK9oP1lmYRAhJ5AKClESkNOFWFHFLAg0FP7hmY8vi7hgCffCOf
j1eNnA6B51s0IBKejYaRcFA=
=uHph
-----END PGP SIGNATURE-----
More information about the community
mailing list
