user toor ???

Hyunseog Ryu at Norlight hyun at
Thu Apr 17 14:59:10 PDT 2003

I guess it depends on your situation.
"toor" user can be used for back-door or bourne-shell access to the system
by system administrator.
Normally script kiddy who doesn't know much about UNIX will just concerned
about "root" account, and he might do something with "root" account only. 
In that case, "toor" user account can be used to break into system and
change the system back to original configuration by system administrator. 
Or in case of forgetting the password. ^.^

Remember, security is not fixed system.
It is dynamic with company and user requirement.
Sometimes how you are doing is more important than what you have in place.
Everything has pros and cons. 

So if you use wisely, and keep the system tighten, it's good for security.
But it might cause inconvenience, and user doesn't follow the rule
That's something you think about, too.

For an example, you implement different difficult password rule for every
system, then some user might stick with post-it to remember the
username/password. ^.^
Post-it with password will be good for security? ^.^
Let's think about that. ^.^


Hyunseog Ryu 
Senior Network Engineer, Applications Engineering
Norlight Telecommunications
275 North Corporate Drive
Brookfield, WI 53045
phone: +1-262-792-7965
fax: +1-262-792-7733
e-mail: hryu at or hyun at

-----Original Message-----
From: owner-freebsd-questions at
[mailto:owner-freebsd-questions at] On Behalf Of Brent Bailey
Sent: Thursday, April 17, 2003 2:45 PM
To: freebsd-questions at FreeBSD.ORG
Subject: user toor ???

Can anyone tell me what function does the user "toor" that is put in by
default by FBSD install  do ?
im told its a security risk ...but unsure what it does ??

freebsd-questions at mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

More information about the freebsd-questions mailing list