Date: Sat, 22 May 2010 11:42:53 -0400 From: jhell <jhell@dataix.net> To: RW <rwmaillists@googlemail.com> Cc: ports@freebsd.org Subject: Re: Users and groups kept after a port deinstallation Message-ID: <4BF7FB7D.1010501@dataix.net> In-Reply-To: <20100522134212.3d5447a8@gumby.homeunix.com> References: <AANLkTindTvyrfPRj_cGWUC3LXWI63bGN5azaXo_xYRVu@mail.gmail.com> <AANLkTikNB0LbKG1qtL90F-thxeCvvSqnBxOCCDSucVS6@mail.gmail.com> <20100522005313.26dcfbdb@gumby.homeunix.com> <AANLkTim9NqCGi_iPMuoivw0z2bzEXHkt39VPk6c7aHyt@mail.gmail.com> <4BF787E2.9010907@dataix.net> <20100522120815.063975ae@gumby.homeunix.com> <4BF7C6EE.3010001@dataix.net> <20100522134212.3d5447a8@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/22/2010 08:42, RW wrote: > On Sat, 22 May 2010 07:58:38 -0400 > jhell <jhell@dataix.net> wrote: > >> On 05/22/2010 07:08, RW wrote: >>> On Sat, 22 May 2010 03:29:38 -0400 >>> jhell <jhell@dataix.net> wrote: >>> >>> >>>> Having unused logins on a system is bad! >>> >>> Why? >> >> For one example: >> This opens up a point of possible access to the system in which its >> integrity could be jeopardized. What all the implications are of this >> is out of scope for this thread. > > These are unprivileged accounts without passwords - you need root > privileges to use them. Nothing is going to be running under them or > they wouldn't be candidates for removal in the first place. Are we arguing the point that these should just be left or can we come to a point like I stated in the previous email that you so gracefully chopped out that stated: If they are to be left in the system a admin should be notified or they should be automatically removed upon package removal. This is more of a best practices case than what the implications of leaving users in the master.passwd are. -- jhell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BF7FB7D.1010501>