• 1
(Deleted comment)

Re: why ssh local root?

Interesting, although most security (DOD Types) I talk to, never want anyone logging in as root. They want the users to use sudo so they can log everything the administrator does. One goal with confined admins is to eliminate the use of the root password. With SELinux we can define a confined addmin like webadm_t which can only manage the httpd directories and processes. You would never give this admin the root password. Since he could use that to break out of his confinement

  • 1

Log in