On Wed, Mar 25, 2015 at 05:56:34AM +0200, Martijn Dekkers wrote:
>
> I believe a lot depends on how you use the computer in question. When you
> are a desktop-mostly user, it is a very good idea to not run as root. This
> is mostly due to the fact that certain less secure application you use to
> interact on the Internet can do nasty stuff to your machine (I'm looking at
> you, IRC). Running as root allows them to do so with root privileges.

What are the security problems with IRC? I use it to chat in ASCII and
make a log. Evidently it has other, more dangerous capabilities I'm
not aware of.

>
> There are no significant *security* implications when running as root if
> you mostly use linux as a server OS. Simply banging "sudo" in from of most
> of your commands doesn't help you at all when it comes to security. There
> is a small benefit in not having the root account having a password, in the
> sense that everybody knows that there must be a root account on your
> machine, so that becomes an immediate target for every cracker with a
> rainbow table and some sort of shell access.

Are there any drawbacks to naming the root account something other
than 'root'? Perhaps by editing /etc/password and /etc/shadow? And, of
course, renaming /root correspondingly?

-- hendrik