[grsec] su'ing to root

Kurt Pomeroy kpomeroy at lakecrest.ca
Fri Nov 25 18:25:44 EST 2005


Quick question,

	First of all I have to say thanks to the guys who replied. I 
read my post again and wanted to edit it lol, kinda sounded noobish 
yet I've been in Linux security and admin for 5 years now so I'm no noob 
lol.

	Ok, when the grsecurity is in its learning phase, the 
documentation says to run the system as you normally would but try not to 
do any administrative tasks, i.e. adding users, changing passwords, adding 
or removing modules, modifying daemon configuration files etc., but let's 
say that I did have to su to root a few times during the 2 days or so
that the system was in learning mode, does that affect the overall 
security that grsec provides? I know that it does not in a way, because
once the system is running and everything is configured (by using the 
learning mode and by tweaking the policy file) there really isn't that much 
of a difference between "root" and a regular user, correct?

	On the other hand, if you are root during the learning phase for 
whatever reason, does that allow someone who, let's say for example, gets 
root and tries to install a rootkit or add some sort of backdoor into the system?
I'm pretty sure this is where the MAC comes into play, right? It's the same with LIDS, I'm assuming, 
where once the system was configured properly the user "root" was just another joe schmo
on the system without any special permissions or privileges.

	Well that's all, just trying to figure out what I can and can't do during the learning phase(s).

	cheers all

	Really loving the new grsecurity, I will spread the word trust me.




 -- 
Kurt Pomeroy
Systems Administrator / IT Technician
Lakecrest - St. John's Independent School
58 Patrick Street
St. John's, Newfoundland, Canada, A1E 2S7
Phone: (709) 738-1212
Facsimile: (709) 738-1701
Website: www.lakecrest.ca

GnuPG Key: www.lakecrest.ca/kpomeroy.asc
Key fingerprint = 7D02 411B E89A 82E1 C278  B131 54BB 02AA BBB2 C1DF


