I would not delete them. A normal user, e.g., has to be member of the group staff to su to root, etc.
Cheers Tom > On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote: > >> I have read some document about server hardening. It suggests me >> removing >> the following users: >> operator, games, news, uucp >> and following groups: >> operator, staff >> I can guess that games is used for playing and news is used for >> reading >> news in news group. How about the other? Their descriptions in passwd >> are >> not clear. >> Am I safe to remove them in normal server environment (web, mail, ftp, >> DNS, SSH)? > > You can certainly remove those users and groups, but it's unlikely to > gain you very much and quite likely to cause you some problems. It > will certainly make it harder for you to do routine updates on your > system, possibly including some security patches. > > So long as you don't alter the entries in the master.passwd and group > files for those entities, you're pretty safe. Those IDs exist mostly > to be the owners of various files: note that the shell has been set to > /sbin/nologin and the password for those accounts has been locked and > that they have no special privileges despite the low UID and GID > numbers -- as such they are rather less dangerous than the account you > use to log in via. > > All in all, I wouldn't bother touching those accounts. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks > Savill Way > PGP: http://www.infracaninophile.co.uk/pgpkey Marlow > Tel: +44 1628 476614 Bucks., SL7 1TH UK > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
