On Mon, Apr 10, 2000 at 02:39:35PM +0900, Henry Nelson wrote:
> I keep seeing this message in the "daily insecurity output":
> 	Login toor is off but still has a valid shell (/bin/sh)
> 
> What is the account "toor" used for?  Do I need it?  Should I just delete
> it (but then I ask, why is it in the distribution passwd file to begin with?),
> or should I change /bin/sh to something fictitious, or should I issue a new
> password for "toor?"  TIA.

toor is mostly history. It's intended to be an alternate root account,
with a different shell and eventually a different passwd. Things like sudo
make it really obsolete. You can yank it out of the passwd file without
troubles.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--