Date: Sat, 22 May 2010 23:54:25 +0100 From: RW <rwmaillists@googlemail.com> To: ports@freebsd.org Subject: Re: Users and groups kept after a port deinstallation Message-ID: <20100522235425.1ab2c504@gumby.homeunix.com> In-Reply-To: <4BF7FB7D.1010501@dataix.net> References: <AANLkTindTvyrfPRj_cGWUC3LXWI63bGN5azaXo_xYRVu@mail.gmail.com> <AANLkTikNB0LbKG1qtL90F-thxeCvvSqnBxOCCDSucVS6@mail.gmail.com> <20100522005313.26dcfbdb@gumby.homeunix.com> <AANLkTim9NqCGi_iPMuoivw0z2bzEXHkt39VPk6c7aHyt@mail.gmail.com> <4BF787E2.9010907@dataix.net> <20100522120815.063975ae@gumby.homeunix.com> <4BF7C6EE.3010001@dataix.net> <20100522134212.3d5447a8@gumby.homeunix.com> <4BF7FB7D.1010501@dataix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 22 May 2010 11:42:53 -0400 jhell <jhell@dataix.net> wrote: > >>>> Having unused logins on a system is bad! > >>> > >>> Why? > >> > >> For one example: > >> This opens up a point of possible access to the system in which its > >> integrity could be jeopardized. What all the implications are of > >> this is out of scope for this thread. > > > > These are unprivileged accounts without passwords - you need root > > privileges to use them. Nothing is going to be running under them or > > they wouldn't be candidates for removal in the first place. > > Are we arguing the point that these should just be left or can we come > to a point like I stated in the previous email that you so gracefully > chopped out that stated: If they are to be left in the system a admin > should be notified or they should be automatically removed upon > package removal. If there are no security concerns, the rest is just a bike shed > This is more of a best practices case than what the implications of > leaving users in the master.passwd are. > Why is it best practice? Why add extra complexity to solve a problem that doesn't actually exist?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100522235425.1ab2c504>