From owner-freebsd-hackers  Tue Jan 23 13:31:30 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108])
	by hub.freebsd.org (Postfix) with ESMTP
	id C29C337B698; Tue, 23 Jan 2001 13:31:11 -0800 (PST)
Received: (from danderse@localhost)
	by faith.cs.utah.edu (8.9.3/8.9.3) id OAA10865;
	Tue, 23 Jan 2001 14:31:07 -0700 (MST)
Message-Id: <200101232131.OAA10865@faith.cs.utah.edu>
Subject: Re: Default users and the passwords
To: guille@galileo.or.cr (Guillermo Leandro)
Date: Tue, 23 Jan 2001 14:31:07 -0700 (MST)
Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
In-Reply-To: <01012315244000.00612@aristoteles.local.galileo.or.cr> from "Guillermo Leandro" at Jan 23, 2001 03:24:40 PM
From: "David G. Andersen" <dga@pobox.com>
X-Mailer: ELM [version 2.5 PL2]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Lo and behold, Guillermo Leandro once said:
> 
> Hi everybody!
> 
> FreeBSD, like almost all Unix OS, has other default users, like uucp, 
> operator, etc. Since this users cames with the FreeBSD distribution, where 
> can I find their passwords?

   They don't have passwords.  /etc/master.passwd

> Another thing, why is there another uid 0 called toor? Isn't it a potential 
> security hole?

  It doesn't have a password.  It just has a different shell.  No,
it's not a potential security hole.  If you don't like it, delete it
with vipw.

  -Dave


-- 
work: dga@lcs.mit.edu                          me:  dga@pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message