Date: Thu, 16 Mar 2000 19:56:28 -0600 (CST)
From: Ryan Thompson
To: Harry Woodward-Clarke
Cc: Robert Fulford, FreeBSD-questions@FreeBSD.ORG
Subject: Re: toor reference in The Complete FreeBSD
Organization: SaskNow Technologies [www.sasknow.com]

Harry Woodward-Clarke wrote to Robert Fulford:

> Hiya Robert,
>
> > I am learning to use FreeBSD for the first time, and saw a short
> > reference about toor...
> > I would like to find the page where I saw it....does anyone know offhand
> > what page it
> > is on? It was about removing toor, I believe...(3rd edition)
>
> Hmm...
>
> I just grep'd the book, and only found a reference to 'toor' in chapter
> 32 (Electronic Mail).
>
> Likewise the Handbook only has comments about setting the password for
> toor, nothing about removing it (15.3.1., point 5)
>
> If I recall correctly, removing 'toor' is not a 'good idea'.

``toor'' is simply another user with uid=gid=0. Most often, it can be
used as an alternate way to gain access to the system if the root
password is compromised/altered/forgotten. (That is, if you know toor's
password :-) Historically, it has been used for other purposes, as well.

On most systems, ``toor'' can be safely removed from the password file.
Certainly, if you run with securelevel at -1 or 0, you can change the
root password by booting into single user mode (`shutdown now`) and
using passwd(1) at the shell prompt.

I have run my systems sans toor for many years, simply for the reason
that one user with superuser privileges is enough for me :-)

--
  Ryan Thompson
  Systems Administrator, Accounts
  Phone: +1 (306) 664-1161

  SaskNow Technologies     http://www.sasknow.com
  #106-380 3120 8th St E   Saskatoon, SK  S7H 0W2
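
The message above describes ``toor'' as a second account with uid=gid=0, which suggests a routine check: list every UID 0 entry and whether its password field is usable. The script below is an added example, not part of the original message; it assumes FreeBSD's 10-field master.passwd layout, and the function names and sample entries (including `opsroot`) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit superuser accounts in FreeBSD master.passwd format
# (name:password:uid:gid:class:change:expire:gecos:home:shell).

# Constructed sample data, not taken from any real system.
sample_master_passwd() {
    cat <<'EOF'
# constructed sample entries
root:$2b$04$CONSTRUCTED.HASH.NOT.REAL:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
opsroot::0:0::0:0:Constructed extra account:/root:/bin/sh
EOF
}

# Print one line per UID 0 account. Reads the named file, or stdin if none.
audit_uid0() {
    awk -F: '
        /^#/ || NF != 10 { next }        # skip comments and malformed lines
        $3 ~ /^0+$/ {                    # uid 0, also matches "00"
            if ($2 == "")          state = "EMPTY-PASSWORD"   # no password needed
            else if ($2 ~ /^\*/)   state = "locked"           # "*" or "*LOCKED*..."
            else                   state = "password-set"
            shell = ($10 == "") ? "(default)" : $10           # empty means /bin/sh
            note  = ($1 == "root") ? "expected" : "extra-superuser"
            printf "%s uid=%s gid=%s %s shell=%s %s\n", $1, $3, $4, state, shell, note
        }
    ' "$@"
}

# Demo run on the constructed sample.
sample_master_passwd | audit_uid0
```

On a live system, run it as root with `audit_uid0 /etc/master.passwd`; any `extra-superuser` line that is not `locked` is a second working root login.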