I would not delete them. A normal user, e.g., has to
be member of the group staff to su to root, etc.

Cheers Tom

> On Fri, Feb 20, 2004 at 11:51:03PM +0800, meimi wrote:
>>   I have read some document about server hardening. It suggests me
>> removing
>> the following users:
>> operator, games, news, uucp
>> and following groups:
>> operator, staff
>>   I can guess that games is used for playing and news is used for
>> reading
>> news in news group. How about the other? Their descriptions in passwd
>> are
>> not clear.
>>   Am I safe to remove them in normal server environment (web, mail, ftp,
>> DNS, SSH)?
> You can certainly remove those users and groups, but it's unlikely to
> gain you very much and quite likely to cause you some problems.  It
> will certainly make it harder for you to do routine updates on your
> system, possibly including some security patches.
> So long as you don't alter the entries in the master.passwd and group
> files for those entities, you're pretty safe.  Those IDs exist mostly
> to be the owners of various files: note that the shell has been set to
> /sbin/nologin and the password for those accounts has been locked and
> that they have no special privileges despite the low UID and GID
> numbers -- as such they are rather less dangerous than the account you
> use to log in via.
> All in all, I wouldn't bother touching those accounts.
>       Cheers,
>       Matthew
> --
> Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
>                                                       Savill Way
> PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
> Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to