> > The following appeared in my latest daily security run output: > > Checking for uids of 0: > root 0 > toor 0 > > This is the first time I've seen this message. > > I checked /etc/passwd and found this: > > root:*:0:0:Charlie &:/root:/bin/csh > toor:*:0:0:Bourne-again Superuser:/root: > > I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small > home LAN. > > I ran ps -aux and looked for any processes owned by "toor" but didn't find any. > > Is this something to be concerned about?
No. It is normal. It is one of the normal accounts put there in a standard install. It is essentially a root account by another name. Some things used to like to use it to own their installed stuff but avoid using root directly. I don't know if anything really does that any more. I sometimes use it as a model pw entry when in vipw for creating new accounts directly to help avoid missing a field. > > Sorry if this is an obvious question, but I am still very much a newbie > and trying to learn what I can about security. This has been brought up and answered numerous times in the past. You might try and search for information on toor account. You should be able to find something. ////jerry > > Thanks for your patience, > > Jim > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"