MICHAEL AM FELT | SecuringAIX |
A question about the risk of being able to login as root either remotely or limited to the (virtual) console came up on a discussion group in LinkedIn recently. Ideally, there is no need to ever login as root (the big question or risk being: who is root today). Instead, users should be logging as as themselves and then using a mechanism to switchuser (su, sudo, super, etc.) to root.