Date: Thu, 16 Mar 2000 20:29:42 -0600 (CST)
From: Ryan Thompson <ryan@sasknow.com>
To: cjclark@home.com
Cc: Harry Woodward-Clarke <Harry.Woodward-Clarke@S1.com>, Robert Fulford <jbstrt@alltel.net>, FreeBSD-questions@FreeBSD.ORG
Subject: Re: toor reference in The Complete FreeBSD
Message-ID: <Pine.BSF.4.21.0003162014330.50414-100000@ren.sasknow.com>
In-Reply-To: <20000316211008.B64407@cc942873-a.ewndsr1.nj.home.com>

Crist J. Clark wrote to Ryan Thompson:

> Ryan Thompson wrote:
> > ``toor'' is simply another user with uid=gid=0. Most often, it can be
> > used as an alternate way to gain access to the system if the root password
> > is compromised/altered/forgotten. (That is, if you know toor's password
> > :-) Historically, it has been used for other purposes, as well.
>
> The most common reason for having it was when only the root partition
> was available (in single user mode), it was good to have the root user
> have a shell of /bin/sh or /bin/csh. The other user, toor, could have
> a fancier shell like /usr/local/bin/bash or /usr/local/bin/tcsh
> (something that requires /usr to be mounted). Thus the default name it
> gets, "Bourne Again User," as in bash, "Bourne Again Shell."

Tell me again why it is not a good idea to move bash/tcsh into /bin? I
suppose it violates hier(7) to some extent, and bloats the (generally
sleek) root partition some, but beyond that, is there any reason not to?

I suppose in shared access systems, some machines might not have access to
the "add-on" shells (thus would not share a common /bin directory), and
that might be another reason not to give root /bin/bash.

Heck, I use csh for most things anyway, so I suppose this question is
relatively academic :-)

> However, since FreeBSD always prompts for a shell to use going into
> single user mode, it is _almost_ moot. Personally, I keep one with a
> 'basic' shell on machines when my /var/mail is NFS mounted. The fancy
> shells will try to check for mail and hang up if there are network
> problems.

Interesting point, regarding mail. One can turn that off relatively
easily in most shells, as well. Perhaps that's not a bad idea for root.
(Especially considering that, on a busy system with the default aliases,
root may well get mail about as fast as the prompts can display anyway :-)

-- 
Ryan Thompson <ryan@sasknow.com>
Systems Administrator, Accounts
Phone: +1 (306) 664-1161
SaskNow Technologies http://www.sasknow.com
#106-380 3120 8th St E Saskatoon, SK S7H 0W2

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
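
Added example, not part of the original message or of FreeBSD: a small audit of passwd(5)-format data that lists every UID 0 account (root, toor, or anything unexpected) and notes whether its login shell sits on the root filesystem or under /usr. The function names and the sample entries are constructed for illustration, and the classification assumes /usr is a separate filesystem.

```shell
#!/bin/sh
# Audit passwd(5)-format input for UID 0 accounts and where their shells live.

# Constructed sample in 7-field passwd(5) format (not from a real system).
SAMPLE_PASSWD='root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:/usr/local/bin/bash
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
ryan:*:1001:1001:Constructed user:/home/ryan:/usr/local/bin/tcsh'

# audit_uid0: read passwd-format lines on stdin and print, for each UID 0
# account, "<name> <shell> <rootfs|needs-usr|other>".
audit_uid0() {
    awk -F: '
        /^#/ || NF < 7 { next }              # skip comments and short lines
        $3 ~ /^0+$/ {                        # UID field is numerically zero
            # An empty shell field means /bin/sh, per passwd(5).
            shell = ($7 == "") ? "/bin/sh" : $7
            if (shell ~ /^\/(bin|sbin)\//)   where = "rootfs"
            else if (shell ~ /^\/usr\//)     where = "needs-usr"
            else                             where = "other"
            print $1, shell, where
        }'
}

# extra_uid0: names of UID 0 accounts other than root, one per line.
# Any name here that the administrator did not create deserves a closer look.
extra_uid0() {
    audit_uid0 | awk '$1 != "root" { print $1 }'
}

# Run against the constructed sample; on a live system use:
#   audit_uid0 < /etc/passwd
printf '%s\n' "$SAMPLE_PASSWD" | audit_uid0
```

An account reported as `needs-usr` cannot start its shell when only the root partition is mounted, which is the situation the quoted reply describes.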