[maemo-users] Questions #3: root

From: Thomas Leavitt thomas at thomasleavitt.org
Date: Thu Sep 13 09:53:04 EEST 2007
Very cool - I'm in as root! Now this is a *real* Linux box!

... although, from another perspective, I find it incredibly uncool that 
I've been walking around with a machine with a widely known default root 
password, not knowing that I'd enabled remote access to it when I 
installed the "ssh" package. I was under the impression that you had to 
go through some bizarre and risky gyration to obtain root access to the 
machine... not simply ssh to localhost!!!!! Eek?!?

Now, another geeky question. "user" is a lame login name. I'm going to 
assume that it is incredibly unwise to rename "user" to something 
reasonable, like "thomas" :) ... is it possible to create a new user and 
login using that account instead? I see (via redpill mode) that 
"adduser" is one of the packages installed.

I also noticed that "/etc/shells" has a long list of shells. It seems 
just slightly strange to me that, on a device this resource constrained, 
they'd "waste" even that many "bytes" by not truncating this file... 
makes me wonder what other potential "optimizations" haven't been done.

I also wonder how the synaptic install package managed to add a line 
referencing itself to /etc/sudoers... if the app installer permits 
modifications of this sort to be made to /etc/sudoers, doesn't that 
suggest someone could simply write an app that added the line below, or 
write a malicious app that gave itself root privileges?

What's the default password for "user"? Will changing it affect 
anything, since obviously the system auto-starts?


James Sparenberg wrote:
> On Wednesday 12 September 2007 12:39:52 Thomas Leavitt wrote:
>> What's the cleanest way to get this?
>> Thomas
>> _______________________________________________
>> maemo-users mailing list
>> maemo-users at maemo.org
>> https://lists.maemo.org/mailman/listinfo/maemo-users
> For me and my way of thinking.  Install Xterm... Install openssh (as apposed 
> to dropbear) from garage.  open Xterm and  do ssh root at localhost  use rootme 
> as the password.  Add this line to /etc/sudoers  
> Now give bother the user named user and root real passwords. Once you do this 
> user, user can sudo su  to root whenever you need it to.   I also recommend 
> removing the ability of root to ssh directly after you have confirmed that 
> you can sudo.
> James

More information about the maemo-users mailing list