From owner-freebsd-security Fri Dec 8 6:18:49 2000 From owner-freebsd-security@FreeBSD.ORG Fri Dec 8 06:18:46 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from ns1.arch.bellsouth.net (ns1.arch.bellsouth.net [205.152.173.2]) by hub.freebsd.org (Postfix) with ESMTP id 4D00437B400 for ; Fri, 8 Dec 2000 06:18:46 -0800 (PST) Received: from bar (ckhome [24.31.106.127]) by ns1.arch.bellsouth.net (8.9.1a/8.9.1) with SMTP id JAA22976 for ; Fri, 8 Dec 2000 09:18:36 -0500 (EST) From: "Christian Kuhtz" To: Subject: RE: toor account Date: Fri, 8 Dec 2000 09:17:09 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: <3A30E982.202E82A2@upan.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Can somebody explain to my why this account exists in the first place? Is there a historic significance to it? Will anything be hurt if we remove this account from all installations by default? Doesn't seem like there's any point in having it hang around, so, why not just get rid of it. -- Christian Kuhtz -wk, -hm Sr. Architect, Engineering & Architecture, BellSouth.net, Atlanta, GA, U.S. "I speak for myself only." > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of mikel > Sent: Friday, December 08, 2000 9:01 AM > To: Matt Chew Spence > Cc: freebsd-security@FreeBSD.ORG > Subject: Re: toor account > > > toor does not have the same login restrictions as root...refer to > /etc/login.access The account is linked to bash. Use it. Delete it. Ignor > it. recommend atleast you set your own password for it. > > cheers, > mikel > > Matt Chew Spence wrote: > > > If: > > 1) I am running a relatively fast machine (no vaxen here) > > 2) I am not worried about forgetting the root password or corrupting > > root's shell > > 3) The box is not production and can be taken into single user mode w/o > > impacting much of anyone > > > > would the toor account have any useful purpose, or can I just blow it > > away? > > > > Bonus question: Are the root restrictions (ie no tty login, no console > > login, no ssh login) and logging automatically relevant to toor, or do I > > need to configure all that stuff explicitly for toor? > > > > Thanks, > > > > Matt > > > > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ > > Matt Chew Spence Network Engineer/Systems Engineer > > matt@nren.nasa.gov NASA Research & Education Network > > (650) 604-4550 (voice) Ames Research Center Mail Stop 233-21 > > (650) 604-3080 (fax) Moffett Field, CA 94035-1000 > > _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message