Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 23 Jan 2001 16:36:05 -0500
From:      Pete Fritchman <petef@databits.net>
To:        Guillermo Leandro <guille@galileo.or.cr>
Cc:        freebsd-security@FreeBSD.org
Subject:   Re: Default users and the passwords
Message-ID:  <20010123163605.A89275@databits.net>
In-Reply-To: <01012315244000.00612@aristoteles.local.galileo.or.cr>; from guille@galileo.or.cr on Tue, Jan 23, 2001 at 03:24:40PM -0600
References:  <01012315244000.00612@aristoteles.local.galileo.or.cr>
next in thread | previous in thread | raw e-mail | index | archive | help 
[ removed -hackers ]

++ 23/01/01 15:24 -0600 - Guillermo Leandro:
>Hi everybody!
>
>FreeBSD, like almost all Unix OS, has other default users, like uucp, 
>operator, etc. Since this users cames with the FreeBSD distribution, where 
>can I find their passwords?

As root, 'less /etc/master.passwd' (note - you should not edit this file
directly, see the vipw(8) utility).  Their password is '*' by default, which
translates to being locked (ie: no crypt()'d password will EVER be a '*').

>
>Another thing, why is there another uid 0 called toor? Isn't it a potential 
>security hole?

No.  Like the other default users, the 'toor' account is locked by default.
IIRC, the purpose of toor is to have a different shell for root (ie: zsh,
bash, etc).  It's probably a bad idea to change root's shell unless you know
what you are doing (you don't want to lock yourself out by accidentally
specifying a wrong shell).  I guess it's really not important anymore since
you can specify a shell for single user mode, but it used to be a good idea
to have root's shell statically compiled (in case you need to be root in 
single user, and /usr is on another partition that's not mounted, etc).

So - if you prefer another shell, 'chsh -s /path/to/new/shell toor' and
'passwd toor'.  It should probably be a different password than root, just 
for security's sake.

Good luck.

-pete

>
>Thank very much.
>-- 
>Guillermo Leandro, FUNDACIÓN GALILEO
>Correo electrónico: guille@galileo.or.cr
>Sitio: http://www.galileo.or.cr
>Tel. (506) 280 8683, telefax. (506) 280 8847
>[...]
--
Pete Fritchman <petef@databits.net>
Databits Network Services, Inc. <http://databits.net>;



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010123163605.A89275>