From owner-freebsd-security  Thu Dec  7 15: 8:16 2000
From owner-freebsd-security@FreeBSD.ORG  Thu Dec  7 15:08:14 2000
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from rodan.water-programs.com (unknown [130.86.77.19])
	by hub.freebsd.org (Postfix) with ESMTP id D551F37B400
	for <freebsd-security@FreeBSD.ORG>; Thu,  7 Dec 2000 15:08:13 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by rodan.water-programs.com (8.11.1/8.11.1) with ESMTP id eB7N74l18544;
	Thu, 7 Dec 2000 15:07:04 -0800 (PST)
	(envelope-from joseph@randomnetworks.com)
Date: Thu, 7 Dec 2000 15:07:04 -0800 (PST)
From: joseph@randomnetworks.com
X-Sender: scottj@rodan.water-programs.com
To: Matt Chew Spence <matt@nren.nasa.gov>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: toor account
In-Reply-To: <Pine.SUN.4.30.0012071435460.11696-100000@obivon.nren.nasa.gov>
Message-ID: <Pine.BSF.4.21.0012071500400.13962-100000@rodan.water-programs.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Thu, 7 Dec 2000, Matt Chew Spence wrote:

# 
# If:
# 1) I am running a relatively fast machine (no vaxen here)
# 2) I am not worried about forgetting the root password or corrupting
# root's shell
# 3) The box is not production and can be taken into single user mode w/o
# impacting much of anyone
# 
# would the toor account have any useful purpose, or can I just blow it
# away?

	My feeling would be that you could blow it away if you so desired.

# Bonus question:  Are the root restrictions (ie no tty login, no console
# login, no ssh login) and logging automatically relevant to toor, or do I
# need to configure all that stuff explicitly for toor?

	I was originally going to say it shouldn't be a problem because
toor and root both have uid 0.  Although the default install gives toor an
* in the master.passwd so toor can't login through those methods even if
uid 0 was given permissions to do so.

--------------------------------------------------------------------
| Joseph Scott                       The Office Of Water Programs  |
| joseph@randomnetworks.com          joseph.scott@owp.csus.edu     |
--------------------------------------------------------------------



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message