Users and groups kept after a port deinstallation

RW rwmaillists at
Sat May 22 22:54:44 UTC 2010

On Sat, 22 May 2010 11:42:53 -0400
jhell <jhell at> wrote:

> >>>> Having unused logins on a system is bad! 
> >>>
> >>> Why?
> >>
> >> For one example:
> >> This opens up a point of possible access to the system in which its
> >> integrity could be jeopardized. What all the implications are of
> >> this is out of scope for this thread.
> > 
> > These are unprivileged accounts without passwords - you need root
> > privileges to use them. Nothing is going to be running under them or
> > they wouldn't be candidates for removal in the first place.
> Are we arguing the point that these should just be left or can we come
> to a point like I stated in the previous email that you so gracefully
> chopped out that stated: If they are to be left in the system a admin
> should be notified or they should be automatically removed upon
> package removal.

If there are no security concerns, the rest is just a bike shed

> This is more of a best practices case than what the implications of
> leaving users in the master.passwd are.

Why is it best practice? Why add extra complexity to solve a problem
that doesn't actually exist?

More information about the freebsd-ports mailing list