Code: Select all
sudo passwd -dl root
But why in the world is it enabled in the first place. Most people use there computer for simple tasks(such as internet browsers, listening to music, playing games) Which requires the root account in no way at all(Just use Sudo right?)leaving it unlocked just for the sake of it is a very good way to get the system totally distorted! You got root you got the system! Okay so important data you can just encrypt sure but what about the rest of the system files the boot and other important things with root as long as its not in use you can just delete it! What user would do that more like what application would do that! Running a cleanup in root not a good idea but what if the user forgets! Make users go through the process of enabling it rather than disabling it! I heard about a guy that unsecured his Wifi (Idk why maybe for a test?) and of coarse all his " Neighbors" connected to it like mad. So he changed the name to something like "please do not connect" and of course those people just had to see that Facebook sh#t. So he changed it again to something like "Seriously do not connect to my wifi" and yeah that twitter just had to be read so it was like Christmas time in Kmart on that poor router...... The man decide to change it one more time "DO NOT CONNNECT!!!!!!" (Okay i do not think that was the name but you get it ) Common sense was not in the atmosphere so they connected and the man sent out a code that worked the HDD so hard it scathed the inside and the data was lost. These could have been prevented by A: spending that extra dollar for that SDD or Most importantly not allowing the code the be executed in the first place! Yeah i am sure the code needed root permission and it probable had a way of finding your password but if it cannot get the your root password there is only so much it can do. With root account enabled your account password is roots password too with it disabled it has not password and is locked.(Yes I believe these were windows computer but that not the point!)
I am not saying get rid of the user account root (please do not) I am just saying to have it locked and make the user put in a terminal command to lock it and unlock as needed but keep it locked as default seems like a better idea to me. It can always be enabled by a simple little command! Some users might just run root account because of all the freedom it brings but a least making them look up the code will make them see the risks.
This is a nice topic discussing ithttp://forums.linuxmint.com/viewtopic.php?f=46&t=115790
Also in the terminal when the font turns red its root right. Mine turned red from running su - root. It sure was intimidating that red font! I quickly closed it because I thought I was root and did not want to break my system!