Root Security

• Only become root to do single specific tasks. Be normal user otherwise.

• The command path for the root user is very important. Never use `.' in PATH environment variable.
• Never use the rlogin/rsh/rexec (called the r-utilities) suite of tools as root. Never create a .rhosts file for root.
• The /etc/securetty file contains a list of terminals that root can login from. Be careful what is here.
• You should be able to login remotely as your regular user account and then 'su' if you need to (hopefully over ssh or other encrypted channel), so there is no need to be able to login directly as root.
• Always be slow and deliberate running as root. Your actions could affect a lot of things. Think before you type!