Date: Thu, 17 Apr 2003 16:59:01 -0500 From: "Hyunseog Ryu @ Norlight" <hyun@staff.norlight.net> To: "'Brent Bailey'" <misterb@bmyster.com>, <freebsd-questions@FreeBSD.ORG> Subject: RE: user toor ??? Message-ID: <007401c3052c$8de857a0$1501a8c0@hyun> In-Reply-To: <1737.66.63.99.171.1050608708.squirrel@bmyster.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I guess it depends on your situation. "toor" user can be used for back-door or bourne-shell access to the = system by system administrator. Normally script kiddy who doesn't know much about UNIX will just = concerned about "root" account, and he might do something with "root" account = only.=20 In that case, "toor" user account can be used to break into system and change the system back to original configuration by system = administrator.=20 Or in case of forgetting the password. ^.^ Remember, security is not fixed system. It is dynamic with company and user requirement. Sometimes how you are doing is more important than what you have in = place. Everything has pros and cons.=20 So if you use wisely, and keep the system tighten, it's good for = security. But it might cause inconvenience, and user doesn't follow the rule essentially.=20 That's something you think about, too. For an example, you implement different difficult password rule for = every system, then some user might stick with post-it to remember the username/password. ^.^ Post-it with password will be good for security? ^.^ Let's think about that. ^.^ Hyun =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D Hyunseog Ryu=20 Senior Network Engineer, Applications Engineering Norlight Telecommunications 275 North Corporate Drive Brookfield, WI 53045 U.S.A. phone: +1-262-792-7965 fax: +1-262-792-7733 e-mail: hryu@norlight.com or hyun@staff.norlight.net -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Brent Bailey Sent: Thursday, April 17, 2003 2:45 PM To: freebsd-questions@FreeBSD.ORG Subject: user toor ??? Can anyone tell me what function does the user "toor" that is put in by default by FBSD install do ? im told its a security risk ...but unsure what it does ?? thanx B _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007401c3052c$8de857a0$1501a8c0>