Re: Default passwd file entries
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 10 Mar 1999, Justin Akehurst wrote:
> I am trying to tighten the security on my linux box. I noticed a bunch of
> entries in my passwd file for things/users I don't even have, like a bunch
> for qmail, one for postgresql, etc...
>
> Why are these there, and are they a security risk? Would I do harm to
> remove the ones that I don't need?
These password entries don't open up any security holes, because if you
look at the password field, you'll see that it's filled with a '*'. This
means that that login account is disabled, and the only way to log in to
it is to su from root to that user. If a cracker already has root access,
you don't really care if there's a qmail account for him to su to; he's
already got full access.
The reason the entries are there is that some server daemons need to be
run as a specific user with permission to read its own things. You should
leave them there, because if you ever do decide to install one of those
packages, a lack of an entry in /etc/passwd will break the package...
noah
PGP public key available at
http://lynx.dac.neu.edu/home/httpd/n/nmeyerha/mail.html
or by 'finger -l frodo@ccs.neu.edu'
This message was composed in a 100% Microsoft free environment.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNufg/4dCcpBjGWoFAQEtgAP9EjLCrKF0BteE2qtUiQDyO5+7l5CKRGcw
rbGuTriL7jNSLn291wFMOdGPJlcZOt0oBWLe5Lal9Yrb8ZORp7os+HlQ7oF844oI
z+dnGAbg9aPI4TsXSDRweDxp4XF3RhIWk1xKJjFpx4kYtRSoevJCGKl0TfFYgiL5
ikNhRfrc+oo=
=wuLN
-----END PGP SIGNATURE-----
Reply to: