in reply to Is this script safe?
Not even the considering code this- idea is terrifies me.
Allowing ANYONE one to log into your account is dangerous. What if this person logs in and then copies /etc/password & /etc/shadow?
You mention that you will change the passwords weekly.
Cracking a password can be done in less than a day.
You have just given someone an opportunity to brute force root. After I get root, I can spam and get your server blackholed.
I can start removing any files I deem unecessary.
I can add root kits at will.
Being a sysadmin and securing a server is tough enough, why make it any harder on yours?
Moral of the story- don't allow anyone to log in as you.
|