- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- disabling user ID's
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 07:59 AM
07-18-2001 07:59 AM
disabling user ID's
daemon
bin
sys
adm
uucp
lp
nuucp
hpdp
nobody
and www
are these ID's not a security issue?
can the be disabled? their password are *
should I leave them alone or should they be investigated individually?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 08:04 AM
07-18-2001 08:04 AM
Re: disabling user ID's
RD
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 08:04 AM
07-18-2001 08:04 AM
Re: disabling user ID's
These users are used by the system to give identity and ownership to system files /processes - do not delete them.
Paula
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 08:04 AM
07-18-2001 08:04 AM
Re: disabling user ID's
Leave these alone. Most are essential. As long as they have '*' in the password field they are
disabled. That is one of the stand idioms to disable an account. Passwd can never generate a '*' as a passwd and '*' no entered passwd would ever decrypt (hash actually) to '*'.
Regards, Clay
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 08:05 AM
07-18-2001 08:05 AM
Re: disabling user ID's
I personally don't consider them a risk with the * in the password field and they are needed by the OS.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 08:07 AM
07-18-2001 08:07 AM
Re: disabling user ID's
These are standard users for UNIX. There is no risk associated with leaving them exactly as they are defined.
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 10:23 AM
07-18-2001 10:23 AM
Re: disabling user ID's
most are actively used to run processes (like "lp", and
"daemon"), some are justr there to own files (like "bin").
Perhaps the only ones you could remove would be
"uucp" (owner of the UUCP files) and "nuucp" (id to
run a UUCP-connection under). UUCP is/was the Unix-
to-Unix-CoPy system - a kind of modem based network.
If you do NOT use modesm (and never will) those could
be removed, propably, but as long these accounts are
locked (invalid shell, "*" as password) no problems are
to be expected!
HTH,
Wodisch
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 10:33 AM
07-18-2001 10:33 AM
Re: disabling user ID's
One extra consideration might be to assign these users a shell of /bin/false. Totally redundant, and perhaps even ill-advised. Maybe Clay/Pat/JRF would care to comment?
Cheers,
Jim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2001 10:39 AM
07-18-2001 10:39 AM
Re: disabling user ID's
No I wouldn't do that either. For example,
when someone logs in as nuucp (or uucp) I definitely want uucico to start. I admit that with '*' as the passwd they won't be able to login but that's one more thing to mess up if I need to enable incoming uucp. Again, the '*' is a standard idiom and it has literally worked for decades.
Clay