LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
LinkBack Search this Thread
Old 06-13-2005, 09:44 AM   #1
XaViaR
Member
 
Registered: Dec 2004
Distribution: RHEL, CentOS, SuSE
Posts: 170

Rep: Reputation: 30
/etc/passwd


Hello,

Below is my passwd file. I was wondering why is there other accounts installed by default? And, why would they have /bin/sh as their shell? Isn't that a security hole? Should I switch their shell to /bin/false? Will that break anything?

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2 : 2 : Daemon:/sbin:/bin/bash
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
news:x:9:13:News system:/etc/news:/bin/bash
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
games:x:12:100:Games account:/var/games:/bin/bash
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
syslogng:x:1001:100:syslog-ng:/home/syslog-ng:/bin/false

Thanks for your help,

-X
 
Old 06-13-2005, 10:12 AM   #2
AdamJacobMuller
LQ Newbie
 
Registered: Jun 2005
Posts: 5

Rep: Reputation: 0
there are many accounts installed by default on even the most basic Unix install.
This is a good thing.
What it means is that every one of those programs will be working (at least in part) as a normal user instead of as root which increases the security of your system.
As for /bin/sh being set as the shell. I don't like this and have sucessfully changed many of those entries to to use /bin/false or /sbin/nologin et al. However this *really* isn't a security hole since if you look @ /etc/shadow you will notice that all of those users have "*" as a password. That basically disables any password-based login so /bin/sh as a shell isn't really insecure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
passwd romel Linux - Security 1 04-25-2004 01:12 AM
about passwd jnzhang Linux - General 7 07-08-2003 04:32 PM
/etc/passwd help debdas Linux - General 3 05-09-2003 01:28 PM
can't passwd leihsun Linux - General 17 06-19-2002 05:37 AM
passwd Winter Linux - Security 2 05-01-2002 05:13 PM


All times are GMT -5. The time now is 03:43 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration