bna-linuxiran
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linuxiran] Normal user called root [was:Download a File Via wget]

From: Aryan Ameri
Subject: Re: [linuxiran] Normal user called root [was:Download a File Via wget]
Date: Thu, 21 Aug 2003 12:20:54 +0300
User-agent: KMail/1.5.1 
On Thursday 21 August 2003 04:51, Hossein S. Zadeh wrote:
> On Wed, 20 Aug 2003, Aryan Ameri wrote:
> > > Of course you can! Just edit /etc/passwd file.
> >
> > No you can't. The reason is simple.
> >
> > On any Unix system, the first username that is assigned to the
> > system is 'root'. On any Unix installation, you first setup root,
> > and then add other users to the system.
>
> Why don't you just try it? Unix systems have no concept of user names
> as such. All functions work with UID. It id UID "0" (zero) that has a
> special meaning in Unix, not username root.
>
> It is job of the shell to translate UIDs to usernames (and back). For
> example, you can create a new user, and change the username (but not
> the UID) in /etc/passwd, and /etc/shadow files. The system will then
> know the UID as the new username...
>
> You can do the same thing with user "root". Just keep the UID as
> zero, and change the username. You can also create a new user, and
> change the UID to zero (in /etc/passwd file), and the new user will
> have "root" privileges.

No I haven't tried, and I guess I will never try it on a production 
system, but:

Maybe your argument is correct (it sounds logical), but I guess the 
correct way of adding/removing a user on a Unix system is by using the 
adduser command. Editing /etc/passwd theoricaly might work, but it is a 
very obsecured method, to say the least. Utilities such as adduser 
simply do not let you assign user ID less than 500 (less than 1000 on 
some  Linux distributions) to a normal user. So, using standard Unix 
applications, you can not assign UID 0 to any normal user.

Your argument about editing /etc/passwd and /etc/shadow is academicaly 
correct. However, it would probably be the last method that a admin 
shall use in order to adminster system users. 

I say again, using standard Unix tools and commands, you can not assign 
a UID of 0 to any normal user. Thus, no normal user can have root 
previlages. Editing /etc/passwd might work, but the system would sooner 
or later end up in a mess.

Just my couple of cents.

Cheers



-- 
/*  "Every gun that is made, every warship launched,
every rocket fired, signifies in the final sense a
theft from those who hunger and are not fed, those
 who are cold and are not clothed."*/
                --President Eisenhower

Aryan Ameri
reply via email to
[Prev in Thread] Current Thread [Next in Thread]