From owner-freebsd-questions Mon Apr 17 12:39:59 2000 Delivered-To: freebsd-questions@freebsd.org Received: from picusnet.com (mail.picusnet.com [207.7.90.2]) by hub.freebsd.org (Postfix) with ESMTP id 68B9637B9A7 for ; Mon, 17 Apr 2000 12:39:55 -0700 (PDT) (envelope-from wdf@picusnet.com) Received: from picusnet.com [209.96.235.36] by picusnet.com with ESMTP (SMTPD32-5.05) id A8564950150; Mon, 17 Apr 2000 15:39:02 -0400 Message-ID: <38FB686E.35E8B49E@picusnet.com> Date: Mon, 17 Apr 2000 15:39:26 -0400 From: "William D. Freeman" X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 4.0-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Andrew Cc: freebsd-questions@freebsd.org Subject: Re: toor References: Content-Type: multipart/alternative; boundary="------------DEEF8224CFD8664A333D8747" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --------------DEEF8224CFD8664A333D8747 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit It's the root user with the default shell Bourne (/bin/sh). you can't login without a password. everyone has that user, but i don't ever use it unless i did somthing bad to root (only happend once the first time i got a copy of FreeBSD at home). I don't think it would hurt to get rid of it, but i'd keep it for good measures Andrew wrote: > I have user toor with UID 0 in my system. > > Is this security hole? > Why he exists by default? Which purpose? > Can I remove him from the system? > His password? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- William D. Freeman [wdf@picusnet.com] http://members.xoom.com/EvilGNU -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GU d? s+:++ a--- C++ UB+++ P+ L- E W++ N- o-- K---- w--- O---- M- V-- PS--- PE++ Y-- PGP---- t+ 5-- X++ R tv b+ --------------DEEF8224CFD8664A333D8747 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit It's the root user with the default shell Bourne (/bin/sh).
you can't login without a password.  everyone has that user, but i don't ever use it unless i did somthing bad to root (only happend once the first time i got a copy of FreeBSD at home).  I don't think it would hurt to get rid of it, but i'd keep it for good measures
 
 
 

Andrew wrote:

I have user toor with UID 0 in my system.

Is this security hole?
Why he exists by default? Which purpose?
Can I remove him from the system?
His password?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

-- 
 William D. Freeman [wdf@picusnet.com]
http://members.xoom.com/EvilGNU
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GU d? s+:++ a--- C++ UB+++ P+ L- E W++ N- o-- K---- w--- 
O---- M- V-- PS--- PE++ Y-- PGP---- t+ 5-- X++ R tv b+
  --------------DEEF8224CFD8664A333D8747-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message