Subject: Re: Unnecessary standard accounts (Was: Root, toor accounts.)
To: Marc Baudoin <babafou@babafou.eu.org>
From: Perry E. Metzger <perry@piermont.com>
List: netbsd-users
Date: 03/15/1999 16:52:28
How about we disable user operator's shell and be done with it?
Marc Baudoin <babafou@babafou.eu.org> writes:
> David Brownlee <abs@anim.dreamworks.com> =E9crit :
> > =
> > As an added bonus the operator user is not in the operator group,
> > so cannot run shutdown even if you give it a valid password.
> > Aaaaah...
> > =
> > My inclination wold be to:
> > a) Put operator in the operator group. This at least opens the
> > possibility of it being useful as an operator.
> > b) Switch its default shell to /sbin/nologin to quiet security.
> =
> Whereas the operator group is extremely useful, I still don't
> think the operator user is. But your proposal is OK if you want
> to keep the operator user.
> =
> -- =
> Marc Baudoin -=3D- <babafou@babafou.eu.org>