Date: Fri, 20 Feb 2004 21:47:03 -0000 (GMT) From: "Thomas Beer" <b@analogon.com> To: "Matthew Seaman" <m.seaman@infracaninophile.co.uk> Cc: meimi <meimi_1@hotmail.com> Subject: Re: Removing system user Message-ID: <3545.217.235.127.4.1077313623.squirrel@webmail.pair.com> In-Reply-To: <20040220170622.GD4997@happy-idiot-talk.infracaninophile.co.uk> References: <LAW11-OE45jMKtWNymW0000323c@hotmail.com> <20040220170622.GD4997@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
I would not delete them. A normal user, e.g., has to be member of the group staff to su to root, etc. Cheers Tom > On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote: > >> I have read some document about server hardening. It suggests me >> removing >> the following users: >> operator, games, news, uucp >> and following groups: >> operator, staff >> I can guess that games is used for playing and news is used for >> reading >> news in news group. How about the other? Their descriptions in passwd >> are >> not clear. >> Am I safe to remove them in normal server environment (web, mail, ftp, >> DNS, SSH)? > > You can certainly remove those users and groups, but it's unlikely to > gain you very much and quite likely to cause you some problems. It > will certainly make it harder for you to do routine updates on your > system, possibly including some security patches. > > So long as you don't alter the entries in the master.passwd and group > files for those entities, you're pretty safe. Those IDs exist mostly > to be the owners of various files: note that the shell has been set to > /sbin/nologin and the password for those accounts has been locked and > that they have no special privileges despite the low UID and GID > numbers -- as such they are rather less dangerous than the account you > use to log in via. > > All in all, I wouldn't bother touching those accounts. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks > Savill Way > PGP: http://www.infracaninophile.co.uk/pgpkey Marlow > Tel: +44 1628 476614 Bucks., SL7 1TH UK >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3545.217.235.127.4.1077313623.squirrel>