Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!uflorida!novavax!twwells!bill
From: bill@twwells.com (T. William Wells)
Newsgroups: comp.unix.wizards
Subject: Re: Multiple Root ID's considered evil?
Message-ID: <1989Sep13.082607.981@twwells.com>
Date: 13 Sep 89 08:26:07 GMT
References: <1723@convex.UUCP>
Organization: None, Ft. Lauderdale, FL
Lines: 21

In article <1723@convex.UUCP> tchrist@convex.com (Tom Christiansen) writes:
: Some site are known to have multiple uid 0 accounts so not
: everyone needs to know the root password.  I seem to recall
: that this is considered a poor idea for security reasons.
: Could someone please explain why?

If done for the reason you suggest, that is an _awful_ idea! Root is
root. Anyone who gets uid 0 is god. On the other hand, we have three
root logins: one that uses / as the home directory and does not do
any interesting stuff in its .profile and two for the root "user"
(one using the Bourne shell and one using the C shell) which gets a
normal user environment; we treat these accounts as the same account
and give them the same password. The first account is there so that
we have a root login that won't break just because some wierdness is
going on in the network. The others are used for normal root activity
(but we have C shell fanatics and Bourne shell fanatics and never the
twain shall meet. :-)

---
Bill                    { uunet | novavax | ankh | sunvice } !twwells!bill
bill@twwells.com