Removing system user
m.seaman at infracaninophile.co.uk
Fri Feb 20 09:06:30 PST 2004
On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote:
> I have read some document about server hardening. It suggests me removing
> the following users:
> operator, games, news, uucp
> and following groups:
> operator, staff
> I can guess that games is used for playing and news is used for reading
> news in news group. How about the other? Their descriptions in passwd are
> not clear.
> Am I safe to remove them in normal server environment (web, mail, ftp,
> DNS, SSH)?
You can certainly remove those users and groups, but it's unlikely to
gain you very much and quite likely to cause you some problems. It
will certainly make it harder for you to do routine updates on your
system, possibly including some security patches.
So long as you don't alter the entries in the master.passwd and group
files for those entities, you're pretty safe. Those IDs exist mostly
to be the owners of various files: note that the shell has been set to
/sbin/nologin and the password for those accounts has been locked and
that they have no special privileges despite the low UID and GID
numbers -- as such they are rather less dangerous than the account you
use to log in via.
All in all, I wouldn't bother touching those accounts.
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040220/74ebc58e/attachment.bin
More information about the freebsd-questions