Date: Thu, 31 Dec 2009 11:52:36 +0000 From: Anton Shterenlikht <mexas@bristol.ac.uk> To: Erik Trulsson <ertr1013@student.uu.se> Cc: Anton Shterenlikht <mexas@bristol.ac.uk>, freebsd-questions@freebsd.org Subject: Re: does toor have passwd or not? According to logins -p: yes Message-ID: <20091231115236.GA44230@mech-cluster241.men.bris.ac.uk> In-Reply-To: <20091230131112.GA2115@owl.midgard.homeip.net> References: <20091230123341.GC36440@mech-cluster241.men.bris.ac.uk> <20091230131112.GA2115@owl.midgard.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 30, 2009 at 02:11:13PM +0100, Erik Trulsson wrote: > On Wed, Dec 30, 2009 at 12:33:41PM +0000, Anton Shterenlikht wrote: > > I was checking for passwordless accounts with 'logins -p'. > > None was found. However, I understand toor doesn't have > > passwd by default, and I never touched it, so I expected > > logins -p to show toor, but it didn't. > > > > Just to check I also tried to su toor with root passwd - no access. > > > > Please can somebody clarify if toor does indeed have > > passwd. > > toor, like many other system accounts, by default has its password entry set > to '*' which indicates that password authenictation is disabled for that > account. (See the passwd(5) manpage for details.) > This means that unless you set a password for toor you cannot login as toor, > so the mere presence of that account is not a security problem. my mistake was due to looking at passwd(1) instead of passwd(5). many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091231115236.GA44230>