toor / root, multiple uid=0 accounts #8146
Comments
Best try your luck upstream, as this is the standard OS layout (https://github.com/freebsd/freebsd-src/blob/main/etc/master.passwd); see also https://en.wikipedia.org/wiki/Toor_(Unix)
Even then a firewall imho should be hardened, so it may differ from the default average server.
So:
toor doesn't have a password and can't be logged into other than via sudo/su. I also disable my root account, anybody can. Where is the problem with this?
Default setup? Fingerprinting, letting systems get audited using regular tooling. (Multiple UID=0 accounts are a red flag... this will make an OPNsense turn up in each and every report.) It can be fixed, agreed; imho it should not be in the default supplied image.
Random words, unspecific arguments? Let's say if we did this would you propose a PR?
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Describe the bug
*Security
in /etc/passwd there are 2 (two) uid=0 account entries
toor & root
Consider removing toor; it is considered bad practice to have multiple accounts with the same UID.
root::0:0:System Administrator:/root:/usr/local/sbin/opnsense-shell
toor::0:0:Bourne-again Superuser:/root:
To Reproduce
grep :0:0: /etc/passwd
Expected behavior
Only have one user with uid=0
Describe alternatives you considered
N/A
Screenshots
N/A
Relevant log files
N/A
Additional context
N/A
Environment
Software version used and hardware type if relevant, e.g.:
OPNsense 24.7.10 (amd64).
Intel® i7
Network Intel®
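A field-based version of the check under "To Reproduce", as an added example that is not part of the original report or of OPNsense: it matches on the UID field alone, so it also reports a UID 0 record whose GID is not 0, which `grep :0:0:` would skip. The function names and the three extra sample records are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not OPNsense or FreeBSD code.
# Assumed record layout: name:passwd:uid:gid:gecos:home:shell

# Constructed sample. The root and toor records are the two quoted in the
# report; the other three are made up for this example.
sample_passwd() {
    cat <<'EOF'
# constructed sample file
root::0:0:System Administrator:/root:/usr/local/sbin/opnsense-shell
toor::0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
svc:*:1001:0:Constructed service account in gid 0:/nonexistent:/usr/sbin/nologin
extra:*:0:1001:Constructed uid 0 account outside gid 0:/nonexistent:/usr/sbin/nologin
EOF
}

# Print one line per record whose UID field is numerically 0.
# Reads the files given as arguments, or stdin when there are none.
uid0_accounts() {
    awk -F: '
        /^#/ || NF < 7 { next }   # skip comments and short records
        $3 ~ /^[0-9]+$/ && $3 + 0 == 0 {
            printf "%s gid=%s shell=%s\n", $1, $4, ($7 == "" ? "(empty)" : $7)
        }' "$@"
}

# Succeed only when exactly one UID 0 record exists
# (the report's expected behaviour).
single_uid0() {
    [ "$(uid0_accounts "$@" | wc -l | tr -d ' ')" -eq 1 ]
}

sample_passwd | uid0_accounts
if sample_passwd | single_uid0; then
    echo "OK: one uid 0 account"
else
    echo "FLAG: more than one uid 0 account"
fi
```

Against a real system, pass the file as an argument, for example `uid0_accounts /etc/passwd`.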