Date: Thu, 7 Feb 2002 18:47:56 +0100 From: Cliff Sarginson <cliff@raggedclown.net> To: freebsd-questions@FreeBSD.ORG Subject: Re: toor? Message-ID: <20020207174756.GB2088@raggedclown.net> In-Reply-To: <3C62B9EE.3020009@rambo.simx.org> References: <001e01c1af94$a14e04f0$2300a8c0@zeus> <20020207091505.A1036@encephalon.de> <20020207172522.GA2088@raggedclown.net> <3C62B9EE.3020009@rambo.simx.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 07, 2002 at 06:31:26PM +0100, Roger 'Rocky' Vetterberg wrote: > Cliff Sarginson wrote: > > >On Thu, Feb 07, 2002 at 09:15:05AM +0100, Roger Kaputtnik wrote: > > > >>Hi. > >> > >>>Can someone please explain to me what 'toor' is for and its use? > >>>Thanks... > >>> > >>It is "root" spelled backwards. You cant use this user, because this on > >>has a * in the passwd. Give him a password and this on is as powerful as > >>root is, well he is also root. 1. Delete this one, you dont need it > >>2. Give him a password and use this one if you lost your root password, > >>or some other shit happend to you root account. > >> > >>The best choice is to delete this guy. imho > >> > > > >It is not your best choice. > > > >If you want a root user with /bin/sh instead of /bin/csh then give toor > >a password, the same one as root if you like, and use toor. > >If you prefer to use the csh as root then use root. > > > >It is purely a matter of your preference. > >That is why the choice is there. > >Since actions performed as root are critical to system operation is > >perhaps wiser to use a shell you are familiar with than one with which > >you are not. > > > Could someone explain why you cant just chsh or vipw roots shell to > bash, sh or whatever? You could, but the shell needs to be statically linked, that you change it to. Bash as installed will not be, so you would have to remake it to be a static binary. I suppose you could change it to /bin/sh, and change it back again after every make world. > I cant see any good reason to have two root accounts just because you > dont like the default root shell. It is not a case of "not liking" it is a case of what you know how to use best. Remember that FreeBSD is not just your personal home computer, it is used in environments where there may well be more than one system administrator, with different shell preferences. Anyway there are not two root accounts. The superuser has user id 0. User id 0 has 2 entries for it. It is a single account with 2 names, and in this case alternative shells. The numerical user id is what makes it special, not the name. I don't know why anyone thinks this is a problem. The security implications are zero as far as I can see. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020207174756.GB2088>