[Sderby] root priviledges
Mike Hemstock
hemstock at tiscali.co.uk
Sun Oct 24 12:58:18 BST 2004
On Sunday 24 October 2004 12:25, Paul Grosse wrote:
> Folks,
>
> I seem to remember reading somewhere (although I have spent the last two
> days trying to find it again) that you can asign root's priviledges to
> another account (which is easy enough to do anyway and isn't really what
> this is about) but then, give root no priviledges (which is what this is
> about).
>
> The idea being along the lines of: anybody who hacks into your system and
> manages to log into the root account finds themself with nothing
> spectacular. This is basically security by obscurity so it is limited in
> its effectiveness as anybody then just needs to find the real 'root-like'
> account and then just socially engineer the details from an unsuspecting
> target.
>
> I'm not talking about sudo here.
>
> Has anybody done this or know somebody who has done this? Or, know of this
> (know the web page I've seen -- I didn't bookmark it)?
Just create a new user called whatever you want. Then edit /etc/passwd. The
file is colon separated. The third and fourth fields are UID and GID.
Simply swap them for root and the new user and the new user becomes root and
root becomes the new user. I'm not sure how effective this would be as a lot
of stuff can be done using UIDs, so one can simply use UID 0 instead of the
user name and still become root.
Mike.
More information about the Sderby
mailing list