From owner-freebsd-security Wed Jan 24 13:25:33 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.interactivate.com (unknown [63.141.73.15]) by hub.freebsd.org (Postfix) with ESMTP id 6128037B400; Wed, 24 Jan 2001 13:25:11 -0800 (PST) Received: from interactivate.com ([63.141.73.10]) by mail.interactivate.com (8.11.1/8.11.1) with ESMTP id f0OLl0V70626; Wed, 24 Jan 2001 13:47:00 -0800 (PST) (envelope-from larry@interactivate.com) Message-ID: <3A6F4689.A3E65177@interactivate.com> Date: Wed, 24 Jan 2001 13:18:01 -0800 From: Lawrence Sica Organization: Interactivate, Inc X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Matt Chew Spence Cc: Guillermo Leandro , freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: Default users and the passwords References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Matt Chew Spence wrote: > > Another question in a similar vein: > > Which, if any (besides root and nobody, which are a given), of these > default accounts are critical to the basic functionality of the box? Is > there a list somewhere where I can match these phantom/daemon users to > their functionality/dependencies? I'd just as soon blow away things I'll > never use, (uucp, xten, etc), but I am loathe to do so without a better > understanding of the ramifications thereof.... > The big issue if it can break make worlds. Make world expects cerain users and groups. If your not running hte services, star out the passwords and make sure they have a nologin shell. That probably the safest bet. --Larry -- Lawrence Sica ------------------------------------------- larry@interactivate.com systems Administrator - Interactivate, Inc. http://www.interactivate.com ------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message