From owner-freebsd-questions Thu Feb 7 9:48:15 2002 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-10.mail.nl.demon.net [194.159.73.20]) by hub.freebsd.org (Postfix) with ESMTP id 44A7D37B404 for ; Thu, 7 Feb 2002 09:47:59 -0800 (PST) Received: from [212.238.194.207] (helo=mailhost.raggedclown.net) by post.mail.nl.demon.net with esmtp (Exim 3.33 #1) id 16YseM-0004QR-00 for freebsd-questions@FreeBSD.ORG; Thu, 07 Feb 2002 17:47:58 +0000 Received: from angel.raggedclown.net (angel.raggedclown.intra [192.168.1.7]) by mailhost.raggedclown.net (Ragged Clown Mail Gateway [buffy]) with ESMTP id A05E513040 for ; Thu, 7 Feb 2002 18:47:57 +0100 (CET) Received: by angel.raggedclown.net (Ragged Clown Host [angel], from userid 1001) id ED28C22590; Thu, 7 Feb 2002 18:47:56 +0100 (CET) Date: Thu, 7 Feb 2002 18:47:56 +0100 From: Cliff Sarginson To: freebsd-questions@FreeBSD.ORG Subject: Re: toor? Message-ID: <20020207174756.GB2088@raggedclown.net> References: <001e01c1af94$a14e04f0$2300a8c0@zeus> <20020207091505.A1036@encephalon.de> <20020207172522.GA2088@raggedclown.net> <3C62B9EE.3020009@rambo.simx.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3C62B9EE.3020009@rambo.simx.org> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Feb 07, 2002 at 06:31:26PM +0100, Roger 'Rocky' Vetterberg wrote: > Cliff Sarginson wrote: > > >On Thu, Feb 07, 2002 at 09:15:05AM +0100, Roger Kaputtnik wrote: > > > >>Hi. > >> > >>>Can someone please explain to me what 'toor' is for and its use? > >>>Thanks... > >>> > >>It is "root" spelled backwards. You cant use this user, because this on > >>has a * in the passwd. Give him a password and this on is as powerful as > >>root is, well he is also root. 1. Delete this one, you dont need it > >>2. Give him a password and use this one if you lost your root password, > >>or some other shit happend to you root account. > >> > >>The best choice is to delete this guy. imho > >> > > > >It is not your best choice. > > > >If you want a root user with /bin/sh instead of /bin/csh then give toor > >a password, the same one as root if you like, and use toor. > >If you prefer to use the csh as root then use root. > > > >It is purely a matter of your preference. > >That is why the choice is there. > >Since actions performed as root are critical to system operation is > >perhaps wiser to use a shell you are familiar with than one with which > >you are not. > > > Could someone explain why you cant just chsh or vipw roots shell to > bash, sh or whatever? You could, but the shell needs to be statically linked, that you change it to. Bash as installed will not be, so you would have to remake it to be a static binary. I suppose you could change it to /bin/sh, and change it back again after every make world. > I cant see any good reason to have two root accounts just because you > dont like the default root shell. It is not a case of "not liking" it is a case of what you know how to use best. Remember that FreeBSD is not just your personal home computer, it is used in environments where there may well be more than one system administrator, with different shell preferences. Anyway there are not two root accounts. The superuser has user id 0. User id 0 has 2 entries for it. It is a single account with 2 names, and in this case alternative shells. The numerical user id is what makes it special, not the name. I don't know why anyone thinks this is a problem. The security implications are zero as far as I can see. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message