Date: Thu, 16 Mar 2000 20:29:42 -0600 (CST)
From: Ryan Thompson
To: cjclark@home.com
Cc: Harry Woodward-Clarke, Robert Fulford, FreeBSD-questions@FreeBSD.ORG
Subject: Re: toor reference in The Complete FreeBSD
In-Reply-To: <20000316211008.B64407@cc942873-a.ewndsr1.nj.home.com>
Organization: SaskNow Technologies [www.sasknow.com]

Crist J. Clark wrote to Ryan Thompson:

> Ryan Thompson wrote:
> > ``toor'' is simply another user with uid=gid=0. Most often, it can be
> > used as an alternate way to gain access to the system if the root password
> > is compromised/altered/forgotten. (That is, if you know toor's password
> > :-) Historically, it has been used for other purposes, as well.
>
> The most common reason for having it was when only the root partition
> was available (in single user mode), it was good to have the root user
> have a shell of /bin/sh or /bin/csh. The other user, toor, could have
> a fancier shell like /usr/local/bin/bash or /usr/local/bin/tcsh
> (something that requires /usr to be mounted). Thus the default name it
> gets, "Bourne Again User," as in bash, "Bourne Again Shell."

Tell me again why it is not a good idea to move bash/tcsh into /bin? I
suppose it violates hier(7) to some extent, and bloats the (generally
sleek) root partition some, but beyond that, is there any reason not to?

I suppose in shared access systems, some machines might not have access to
the "add-on" shells (thus would not share a common /bin directory), and
that might be another reason not to give root /bin/bash. Heck, I use csh
for most things anyway, so I suppose this question is relatively academic
:-)

> However, since FreeBSD always prompts for a shell to use going into
> single user mode, it is _almost_ moot. Personally, I keep one with a
> 'basic' shell on machines when my /var/mail is NFS mounted. The fancy
> shells will try to check for mail and hang up if there are network
> problems.

Interesting point, regarding mail. One can turn that off relatively
easily in most shells, as well. Perhaps that's not a bad idea for root.
(Especially considering that, on a busy system with the default aliases,
root may well get mail about as fast as the prompts can display anyway:-)

--
  Ryan Thompson
  Systems Administrator, Accounts
  Phone: +1 (306) 664-1161

  SaskNow Technologies     http://www.sasknow.com
  #106-380 3120 8th St E   Saskatoon, SK  S7H 0W2
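
Added example, not part of the original message or of FreeBSD: a small audit of the root/toor arrangement discussed in the thread. It lists every uid 0 account in passwd(5)-format input and says whether its login shell works with only the root filesystem mounted. The function names and sample accounts are constructed, and it assumes /bin and /sbin are on / while /usr is a separate mount.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd layout (7 fields); not from a real host.
sample_passwd() {
cat <<'EOF'
# $FreeBSD$ style comment line
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:/usr/local/bin/bash
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
ryan:*:1001:1001:Ryan:/home/ryan:/usr/local/bin/tcsh
EOF
}

# audit_uid0: read passwd(5) or master.passwd(5) lines on stdin and print
# "name shell verdict" for each account whose uid is 0.
#   root-fs            shell is under /bin or /sbin (usable in single-user mode)
#   needs-other-mount  shell lives elsewhere, e.g. under /usr/local
audit_uid0() {
    awk -F: '
        /^#/                { next }   # comment line
        NF != 7 && NF != 10 { next }   # neither passwd nor master.passwd layout
        $3 != 0             { next }   # keep only superuser-equivalent accounts
        {
            shell = $NF                      # shell is the last field in both layouts
            if (shell == "") shell = "/bin/sh"   # empty field means /bin/sh
            if (shell ~ /^\/(bin|sbin)\//)
                verdict = "root-fs"
            else
                verdict = "needs-other-mount"
            print $1, shell, verdict
        }'
}

# Run against the constructed sample; on a live system, feed /etc/passwd instead.
sample_passwd | audit_uid0
```

Any uid 0 name in the output that the administrator does not recognise deserves a look, since such an account is root in everything but name.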