From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1O8i4C-0000QZ-Dk for garchives@archives.gentoo.org; Sun, 02 May 2010 22:55:16 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BFE37E072C; Sun, 2 May 2010 22:55:14 +0000 (UTC) Received: from s15216962.onlinehome-server.info (forum.psychotherapie.org [217.160.22.205]) by pigeon.gentoo.org (Postfix) with ESMTP id 48BFAE071D for ; Sun, 2 May 2010 22:55:08 +0000 (UTC) Received: (from uucp@localhost) by s15216962.onlinehome-server.info (8.13.3/8.13.3) with UUCP id o42Mt7ew006091 for gentoo-dev@lists.gentoo.org; Mon, 3 May 2010 00:55:07 +0200 Received: (from weigelt@localhost) by nibiru.metux.de (8.12.10/8.12.10) id o42M0Joi019265 for gentoo-dev@lists.gentoo.org; Mon, 3 May 2010 00:00:19 +0200 Date: Mon, 3 May 2010 00:00:19 +0200 From: Enrico Weigelt To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] A policy to support random superuser account names Message-ID: <20100502220019.GB29226@nibiru.local> References: <20100430200726.298ae94c@pomiot.lan> <4BDD968E.7050309@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4BDD968E.7050309@gentoo.org> User-Agent: Mutt/1.4.1i X-Terror: bin laden, kill bush, Briefbombe, Massenvernichtung, KZ, X-Nazi: Weisse Rasse, Hitlers Wiederauferstehung, 42, X-Antichrist: weg mit schaeuble, ausrotten, heiliger krieg, al quaida, X-Killer: 23, endloesung, Weltuntergang, X-Doof: wer das liest ist doof X-Archives-Salt: c60e2981-5a0e-491d-8acb-5bf0d54032c8 X-Archives-Hash: 8d8794f9380e947c90261ee1a376beea * Stefan Behte schrieb: > in some environments you have to rename "root" to something else, just > to be compliant to a (maybe dumb) security policy. This might be the > case for PCI, and as far as I remember, it is necessary (not just > "recommended") for a BSI Grundschutz certification (meaning something > like "basic security protection") [1]. Unfortunately I didn't find the > exact link. Well, the BSI probably isn't such a good reference point. They officially approved "secure" infrastructures for govermental crimes ... ;-o cu -- --------------------------------------------------------------------- Enrico Weigelt == metux IT service - http://www.metux.de/ --------------------------------------------------------------------- Please visit the OpenSource QM Taskforce: http://wiki.metux.de/public/OpenSource_QM_Taskforce Patches / Fixes for a lot dozens of packages in dozens of versions: http://patches.metux.de/ ---------------------------------------------------------------------