Jump to content

Two security questions


camorri
 Share

Recommended Posts

First of all, why would I need a user called guest? Is it necessary, and does it give me a security hole?

 

A little background. I'm running a samba server on this system, and I think the guest user is there to allow printing, without a log in by the end users. ( my family ).

 

I found a sym link in /home pointing to my home directory. Just a guess, does this give anyone connecting as 'guest' access to my home directory?

 

Second question, is about the root passwd. If I open a konsole, and su, the password I use works, I get root privileges, as expected. If I use ctrl + alt + f1 to get a command prompt, type 'root' and use the password that works from a konsole and su, the password fails.

 

I don't understand why it works with su and not through a tty.

 

How can I fix this, I would like one password that works for both.

 

I must admit, security is not my long suite...

Link to comment
Share on other sites

Can't help you about the guest user, but I would indeed remove it if unused (and give your family proper logins -- I believe that guest's files are cleaned out after logoff).

 

It is possible to restrict from which ttys you can logon as root using PAM, see file /etc/pam.d/login. The file /etc/securetty lists the consoles from which you can logon as root. You can always logon as root from an xterm started in your own Xwindows environment. PAM has many many options -- do some googling. Here is a starter: link.

Link to comment
Share on other sites

Thank-you for the response. I read the link information. I must admit I have some more reading to do.

 

I looked at /var/log/auth.log and found this - "pam_securetty(login:auth): access denied: tty 'tty2' is not secure !".

 

I see this is why I can not log through tty1 or tty2.

 

I will some more reading...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...