Date: Fri, 20 Feb 2004 17:16:44 -0500 (EST) From: Jerry McAllister <jerrymc@clunix.cl.msu.edu> To: b@analogon.com (Thomas Beer) Cc: meimi <meimi_1@hotmail.com> Subject: Re: Removing system user Message-ID: <200402202216.i1KMGii12074@clunix.cl.msu.edu> In-Reply-To: <3545.217.235.127.4.1077313623.squirrel@webmail.pair.com> from "Thomas Beer" at Feb 20, 2004 09:47:03 PM
next in thread | previous in thread | raw e-mail | index | archive | help
> > I would not delete them. A normal user, e.g., has to > be member of the group staff to su to root, etc. It is group wheel they need to be in. I suppose someone might have made staff work too, but wheel is the biggie. ////jerry > > Cheers Tom > > > On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote: > > > >> I have read some document about server hardening. It suggests me > >> removing > >> the following users: > >> operator, games, news, uucp > >> and following groups: > >> operator, staff > >> I can guess that games is used for playing and news is used for > >> reading > >> news in news group. How about the other? Their descriptions in passwd > >> are > >> not clear. > >> Am I safe to remove them in normal server environment (web, mail, ftp, > >> DNS, SSH)? > > > > You can certainly remove those users and groups, but it's unlikely to > > gain you very much and quite likely to cause you some problems. It > > will certainly make it harder for you to do routine updates on your > > system, possibly including some security patches. > > > > So long as you don't alter the entries in the master.passwd and group > > files for those entities, you're pretty safe. Those IDs exist mostly > > to be the owners of various files: note that the shell has been set to > > /sbin/nologin and the password for those accounts has been locked and > > that they have no special privileges despite the low UID and GID > > numbers -- as such they are rather less dangerous than the account you > > use to log in via. > > > > All in all, I wouldn't bother touching those accounts. > > > > Cheers, > > > > Matthew > > > > -- > > Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks > > Savill Way > > PGP: http://www.infracaninophile.co.uk/pgpkey Marlow > > Tel: +44 1628 476614 Bucks., SL7 1TH UK > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402202216.i1KMGii12074>