Users and groups kept after a port deinstallation
jhell at dataix.net
Sat May 22 15:42:57 UTC 2010
On 05/22/2010 08:42, RW wrote:
> On Sat, 22 May 2010 07:58:38 -0400
> jhell <jhell at dataix.net> wrote:
>> On 05/22/2010 07:08, RW wrote:
>>> On Sat, 22 May 2010 03:29:38 -0400
>>> jhell <jhell at dataix.net> wrote:
>>>> Having unused logins on a system is bad!
>> For one example:
>> This opens up a point of possible access to the system in which its
>> integrity could be jeopardized. What all the implications are of this
>> is out of scope for this thread.
> These are unprivileged accounts without passwords - you need root
> privileges to use them. Nothing is going to be running under them or
> they wouldn't be candidates for removal in the first place.
Are we arguing the point that these should just be left or can we come
to a point like I stated in the previous email that you so gracefully
chopped out that stated: If they are to be left in the system a admin
should be notified or they should be automatically removed upon package
This is more of a best practices case than what the implications of
leaving users in the master.passwd are.
More information about the freebsd-ports