-----BEGIN PGP SIGNED MESSAGE----- On Wed, 10 Mar 1999, Justin Akehurst wrote:
> I am trying to tighten the security on my linux box. I noticed a bunch of > entries in my passwd file for things/users I don't even have, like a bunch > for qmail, one for postgresql, etc... > > Why are these there, and are they a security risk? Would I do harm to > remove the ones that I don't need? These password entries don't open up any security holes, because if you look at the password field, you'll see that it's filled with a '*'. This means that that login account is disabled, and the only way to log in to it is to su from root to that user. If a cracker already has root access, you don't really care if there's a qmail account for him to su to; he's already got full access. The reason the entries are there is that some server daemons need to be run as a specific user with permission to read its own things. You should leave them there, because if you ever do decide to install one of those packages, a lack of an entry in /etc/passwd will break the package... noah PGP public key available at http://lynx.dac.neu.edu/home/httpd/n/nmeyerha/mail.html or by 'finger -l [EMAIL PROTECTED]' This message was composed in a 100% Microsoft free environment. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNufg/4dCcpBjGWoFAQEtgAP9EjLCrKF0BteE2qtUiQDyO5+7l5CKRGcw rbGuTriL7jNSLn291wFMOdGPJlcZOt0oBWLe5Lal9Yrb8ZORp7os+HlQ7oF844oI z+dnGAbg9aPI4TsXSDRweDxp4XF3RhIWk1xKJjFpx4kYtRSoevJCGKl0TfFYgiL5 ikNhRfrc+oo= =wuLN -----END PGP SIGNATURE-----
