From owner-freebsd-security  Wed Jan 24 11:12:51 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obivon.nren.nasa.gov (obivon.nren.nasa.gov [198.10.1.39])
	by hub.freebsd.org (Postfix) with ESMTP
	id ABEEA37B400; Wed, 24 Jan 2001 11:12:28 -0800 (PST)
Received: from localhost (matt@localhost)
	by obivon.nren.nasa.gov (8.10.2/8.10.2) with ESMTP id f0OJCO615395;
	Wed, 24 Jan 2001 11:12:24 -0800 (PST)
X-Authentication-Warning: obivon.nren.nasa.gov: matt owned process doing -bs
Date: Wed, 24 Jan 2001 11:12:24 -0800 (PST)
From: Matt Chew Spence <matt@nren.nasa.gov>
To: Lawrence Sica <larry@interactivate.com>
Cc: Guillermo Leandro <guille@galileo.or.cr>,
	<freebsd-security@FreeBSD.ORG>, <freebsd-hackers@FreeBSD.ORG>
Subject: Re: Default users and the passwords
In-Reply-To: <3A6E7F77.6DFC4A3E@interactivate.com>
Message-ID: <Pine.SUN.4.30.0101241103350.15387-100000@obivon.nren.nasa.gov>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


Another question in a similar vein:

Which, if any (besides root and nobody, which are a given), of these
default accounts are critical to the basic functionality of the box?  Is
there a list somewhere where I can match these phantom/daemon users to
their functionality/dependencies?  I'd just as soon blow away things I'll
never use, (uucp, xten, etc), but I am loathe to do so without a better
understanding of the ramifications thereof....

Any information would be greatly appreciated,

Matt

On Tue, 23 Jan 2001, Lawrence Sica wrote:

> Guillermo Leandro wrote:
>
> > Hi everybody!
> >
> > FreeBSD, like almost all Unix OS, has other default users, like uucp,
> > operator, etc. Since this users cames with the FreeBSD distribution, where
> > can I find their passwords?
> >
>
> they don't have any, the  pseudo users and system accounts dont have a login
> shell and their passwords should be set to * as well.    Be careful if you
> remove them since on a make world certain users are expected, same with
> groups.
>
> >
> > Another thing, why is there another uid 0 called toor? Isn't it a potential
> > security hole?
> >
>
> toor is a  big debate for many, its meant to give you another root shell with
> a differing shell, like bash,zsh,ksh whatever.  Reason is you dont wan to mess
> with root's shell.  Someone compared root to a loaded weapon recently, its a
> good analogy since you dont use root unless you mean it and you have to be
> careful.
>
> --Larry
>
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>



_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Matt Chew Spence                Network Engineer/Systems Engineer
matt@nren.nasa.gov              NASA Research & Education Network
(650) 604-4550  (voice)         Ames Research Center Mail Stop 233-21
(650) 604-3080  (fax)           Moffett Field, CA 94035-1000
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message