Subject: Re: Root, toor accounts.
To: Richard Rauch <>
From: Marc Baudoin <>
List: netbsd-users
Date: 03/12/1999 20:53:57
Richard Rauch <> écrit :
> When I installed my system, there were two UID 0 accounts: root and toor.
> Is there a reason to include both?

No, there's not.  As a security principle, you should restrict
uid 0 accounts to one: root.  If you need several people to be
given root privileges, give them the root password or use a tool
such as sudo that can also control what commands they can access
(everybody doesn't need a root shell).

> I've left them both in there, since that's the way that the
> system sets itself up

It also comes with other users that doesn't even own a single
file in a full installation: ingres and falken.  As I've already
stated, I think it would be a good thing to remove them from
future NetBSD distributions (as well as cleaning uids so that
system uids (daemon, operator...) are from, say, uid 1 to 10 or
20, other uids needed by various daemons (news, uucp...) are from
uid 50 to 99 and so on so that there's a clean uid setup).

> I thought that there might be some reason for having both. But,
> the daily script, of course, always checks (and reports on)
> duplicate accounts---including the ``standard'' root/toor
> duality.

And it is a good thing this script reports duplicate 0 uids.

> So, would it harm anything if I remove one them?

No.  I've always done that.

> What if I remove toor and change the other to something OTHER than
> ``root'' (still UID 0)?

Don't do that, believe me.

> I gather that the UID is what is really important, so it
> shouldn't matter

Sure the OS only sees the uid but various utilities see only the

> (My thought with renaming the UID 0 account was to then create
> an unprivileged ``root'', as a kind of amusement should anyone
> try to login as root on my system. It wouldn't be a serious
> deterant to a committed hacker, but...)

Change the login program instead :-)

Marc Baudoin   -=-   <>