Because the superuser account is occasionally compromised—for example, by somebody sharing the superuser password with a friend—there have been numerous attempts to limit the availability and the power of the Unix superuser account.
versions of Unix allow you to configure certain terminals so that
users can’t log in as the superuser from the
login: prompt. Anyone who wishes to have superuser
privileges must first log in as himself and then
su to root. This feature
makes tracking who is using the root account
easier because the su command logs the username
of the person who runs it and the time that it was run. Unix also requires that
the root user’s password be
provided when booting in single-user mode if the console is not
listed as being secure.
Secure consoles add to overall system security because they force
people to know two passwords to gain superuser
access to the system. Network virtual terminals should not be listed
as secure to prevent users from logging into the
root account remotely using
telnet. (Of course, telnet
should also be disabled, which it isn’t in some
environments.) The Secure Shell server ignores the terminal security
attribute, but it has its own directive
sshd_config) that controls whether users may log
in as root remotely.
On BSD-derived systems, terminal security is specified in the /etc/ttys file. In this excerpt from the file, the ...