Bugtraq mailing list archives
Re: User operator under Red Hat 6.2
From: Kurt Seifried <listuser () seifried org>
Date: Wed, 4 Oct 2000 17:02:43 -0600
It's not necessesary a bug but is abig problem when you install Red Hat
6.2 and one
user different to root has guid root, even worse if you don't know it. User: operator Home : /root (oops! same home than root, same bash history!) Main group: root (May be you find usefully operator user but may be you must change its
home,
also you must think about that in a dictionary attack there are two roots
to find)
If you find some PAM message with a remote change password to operator becarefull, may you must look for in root history not-normal activity Have a nice IT day Diego GarcĂa
Argh. Also in Red Hat 7.0: uid=11(operator) gid=0(root) groups=0(root) Using find, I couldn't find any files owned by operator, using grep I couldn't find anything in etc that mentioned the operator user (beyond the password files). It appears safe to remove the user: userdel operator At least nothing has broken so far =). Gratuitous root acounts are rather annoying. Red Hat 7.0 also ships sudo, so there's a better solution available. Kurt Seifried - seifried () securityportal com SecurityPortal, your focal point for security on the net. http://www.securityportal.com/
Current thread:
- BSD chpass caddis (Oct 03)
- Re: BSD chpass Warner Losh (Oct 03)
- User operator under Red Hat 6.2 DIEGO GARCIA _ DIRECCION DE SISTEMAS-. (Oct 04)
- Re: User operator under Red Hat 6.2 Stefan Laudat (Oct 04)
- Re: User operator under Red Hat 6.2 Kurt Seifried (Oct 04)
- User operator under Red Hat 6.2 DIEGO GARCIA _ DIRECCION DE SISTEMAS-. (Oct 04)
- Re: BSD chpass Adrian Chadd (Oct 04)
- Re: BSD chpass Warner Losh (Oct 03)