From owner-freebsd-questions Mon Apr 17 10: 7:33 2000 Delivered-To: freebsd-questions@freebsd.org Received: from geijer.it.uu.se (geijer.it.uu.se [130.238.15.81]) by hub.freebsd.org (Postfix) with ESMTP id D72EB37B6EA for ; Mon, 17 Apr 2000 10:07:27 -0700 (PDT) (envelope-from ertr1013@csd.uu.se) Received: (from ertr1013@localhost) by geijer.it.uu.se (8.8.5/8.8.5) id TAA19435; Mon, 17 Apr 2000 19:07:07 +0200 (MET DST) Date: Mon, 17 Apr 2000 19:07:06 +0200 From: Erik Trulsson To: Andrew Cc: freebsd-questions@FreeBSD.ORG Subject: Re: toor Message-ID: <20000417190705.A19392@student.csd.uu.se> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: ; from andrew@soc.lg.gov.ua on Mon, Apr 17, 2000 at 05:25:10PM +0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Apr 17, 2000 at 05:25:10PM +0000, Andrew wrote: > I have user toor with UID 0 in my system. > That is normal. > Is this security hole? No. > Why he exists by default? Which purpose? Basically as an an alternative root account with a different shell. (Default shell for 'root' is /bin/csh, for 'toor' it is /bin/sh.) (Note that 'toor' is 'root' backwards...) See it as an example of how you can have several usernames with the same UID and the same home directory but different shells. > Can I remove him from the system? Sure, nothing (AFAIK) depends on 'toor' existing. > His password? Unless you have changed something the password for 'toor' should be '*' meaning that it is disabled and you can't login as that user. -- Erik Trulsson ertr1013@student.csd.uu.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message