General question on users accounts that are created automatically.

Marty McNamara · 01-10-2009, 04:42 PM

Hi,

On my Ubuntu linux box there are many user accounts that have been created since I've installed the system.

All these accounts were created during install of new software, as example I've installed tomcat, boinc and ntpd which resulted in the following new user accounts.

uid=117(tomcat55) gid=65534(nogroup) groups=65534(nogroup)
uid=114(ntp) gid=126(ntp) groups=126(ntp)
uid=113(boinc) gid=125(boinc) groups=125(boinc)

Naturally now there are some process on my system running owned by tomcat55, boinc and ntp.

The questions I have (excuse my lack of knowledge),

1.
These accounts were created automatically during install, did the installer set a password for these accounts?.

2.
If so, how do I find out what the password is?

3.
Can I login to these accounts?.

4.
Is there any security issues, with accounts that are automatically created?.

5.
If I login as root and change the passwords of these accounts, will everything still work ok?. My guess to this is yes, as the root account kicks off these process on boot up and does not need to know the account password.

I've read the linux system administrators guide and done a good bit of searching for an answer but I still don't have any answers.

If You know the answer to any of these questions or can point me to somewhere that can answer the question that would be great.

Marty

acid_kewpie · 01-10-2009, 05:39 PM

1, 2. no - check /etc/shadow - that's where the passwords would be stored as md5 strings, only your own accounts should have passwords listed.

3. you could su to them from root if you wished, but as you go via root, those accounts are naturally of less interest for security reasons that root itself.

4. Well there are positive issues in that those accounts are generally used to run non-privileged daemon processes so as to not have to run things like ntpd as root when it does not need to be.

5. well as above, don't. nothing would stop working, but it's a nonsensical thing to do, you're clearly halfway there already with your last comments there.

jiml8 · 01-10-2009, 06:03 PM

*nix is strongly oriented toward security and minimum necessary permissions. By giving these programs their own account and group, it becomes easy to restrict their permissions - which in its turn greatly restricts the amount of damage they can do either through bugs, or because somehow you obtained a rogue copy of one of those packages.