Removing system user

Jerry McAllister jerrymc at clunix.cl.msu.edu
Fri Feb 20 14:16:52 PST 2004 

> 
> I would not delete them. A normal user, e.g., has to
> be member of the group staff to su to root, etc.

It is group wheel they need to be in.   I suppose someone
might have made staff work too, but wheel is the biggie.

////jerry

> 
> Cheers Tom
> 
> > On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote:
> >
> >>   I have read some document about server hardening. It suggests me
> >> removing
> >> the following users:
> >> operator, games, news, uucp
> >> and following groups:
> >> operator, staff
> >>   I can guess that games is used for playing and news is used for
> >> reading
> >> news in news group. How about the other? Their descriptions in passwd
> >> are
> >> not clear.
> >>   Am I safe to remove them in normal server environment (web, mail, ftp,
> >> DNS, SSH)?
> >
> > You can certainly remove those users and groups, but it's unlikely to
> > gain you very much and quite likely to cause you some problems.  It
> > will certainly make it harder for you to do routine updates on your
> > system, possibly including some security patches.
> >
> > So long as you don't alter the entries in the master.passwd and group
> > files for those entities, you're pretty safe.  Those IDs exist mostly
> > to be the owners of various files: note that the shell has been set to
> > /sbin/nologin and the password for those accounts has been locked and
> > that they have no special privileges despite the low UID and GID
> > numbers -- as such they are rather less dangerous than the account you
> > use to log in via.
> >
> > All in all, I wouldn't bother touching those accounts.
> >
> > 	Cheers,
> >
> > 	Matthew
> >
> > --
> > Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
> >                                                       Savill Way
> > PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
> > Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
> >
> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list