Re: [HEADSUP] making /bin/sh the default shell for root

From: Rodney W. Grimes <freebsd-rwg_at_gndrsh.dnsmgr.net>
Date: Tue, 28 Sep 2021 08:56:26 -0700 (PDT)
> Hi,
> 
> On Wed, Sep 22, 2021 at 11:42:22AM -0400, Shawn Webb wrote:
> >
> >HardenedBSD recently removed toor. No one has complained (yet?). A
> >small Twitter poll[0] showed that 85% of people who responded do not
> >use toor.
> 
> I think that before removing functionality you need to examine the issue
> for conformation bias. I bet that many who answered your question were
> unaware of toor and of those even aware, it's not like there are loads
> of examples in documentation discussing the versatility of root+toor
> over just root. I'd vote to retain toor unless there were compelling
> reasons not to. And even if there were reasons, I'd vote to
> disable-by-default before removing it completely.

I agree with the statements above, just wanted to add a detail
that the toor account is disabled from login by default as it
has a password value of *.

As far as I am aware the only default way to the toor acount is
via su(8).

> -- 
> J.

-- 
Rod Grimes                                                 rgrimes_at_freebsd.org
Received on Tue Sep 28 2021 - 15:56:26 UTC

Original text of this message