Prevent root and system from owning all system filesystems and files in Unix

Traditionally, UNIX has come with a default set of system user accounts so that root and system do not own every system filesystem and file. For that reason it is never recommended to remove these accounts; instead, set an asterisk as the password in /etc/security/passwd for all of them except root. This document describes the default set of user accounts.
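The advice above is to keep the default accounts but lock every one except root by putting an asterisk in its password field in /etc/security/passwd. The script below is an added example, not part of the original document, that checks an AIX-style stanza file for this condition. The stanza file it reads is constructed inline for the example (the hash strings are placeholders), and the function name unlocked_accounts is this example's own.

```shell
#!/bin/sh
# Added example: audit an AIX-style /etc/security/passwd stanza file and list
# the accounts (other than root) whose password field is not a single asterisk.
# The stanza data below is constructed for this example; the "hash" values are
# placeholders, not real password hashes.

SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
root:
        password = PLACEHOLDER_HASH_1
        lastupdate = 1000000000
        flags = 

daemon:
        password = *

bin:
        password = *

sys:
        password = *

adm:
        password = *

uucp:
        password = PLACEHOLDER_HASH_2

guest:
        password = 

nobody:
        password = *
EOF

# unlocked_accounts FILE
# Prints, one per line, every account in FILE except root whose password
# field is anything other than "*" (a hash, or an empty field, both of which
# still allow a password login). Exit status is 0 when every non-root account
# is locked and 1 when at least one is not.
unlocked_accounts() {
    awk '
        # A stanza header is a line starting in column 1 and ending in a colon.
        /^[^ \t#][^:]*:[ \t]*$/ { sub(/:[ \t]*$/, ""); user = $0; next }
        # Within a stanza, inspect the password attribute.
        /^[ \t]*password[ \t]*=/ {
            sub(/^[ \t]*password[ \t]*=[ \t]*/, "")
            sub(/[ \t]*$/, "")
            if (user != "root" && $0 != "*") { print user; n++ }
        }
        END { exit (n > 0) }
    ' "$1"
}

# Stand-alone run against the constructed sample.
if unlocked_accounts "$SAMPLE"; then
    echo "all non-root accounts are locked"
else
    echo "the accounts listed above still accept a password login"
fi
```

Run it with a real file instead of the constructed sample (for example, `unlocked_accounts /etc/security/passwd` as root) to get the list of default accounts that should have an asterisk but do not; on the sample data it reports uucp (a password hash) and guest (an empty password field).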

This document applies to all levels of AIX Version 4.

Related documentation
Practical UNIX Security, published by O’Reilly.
The product documentation library can be accessed at the following URL:
http://www.rs6000.ibm.com/resource/aix_resource/Pubs/index.html

——————————————————————————–

Description of accounts

– root

Commonly called the superuser (UID 0), this is the account that system  administrators log into to perform system maintenance and problem determination.

– daemon

A user used to execute system server processes. This user only exists to own these processes (and the associated files) and to guarantee that they execute  with appropriate file access permissions.

– bin

A second system account, used primarily so that important system directories and files are not owned solely by root and system. This account typically owns the executable files for most user commands.

– sys

The sys user owns the default mount point for the Distributed File Service (DFS) cache, which must exist before DFS is installed and configured on a client. The /usr/sys directory can also be used to hold install images.

– adm

The adm user in /etc/passwd is basically responsible for two system functions:

1. ownership of diagnostic tools, as evidenced by the directory
/usr/sbin/perf/diag_tool/

2. accounting, as evidenced by System Accounting Directories:
/usr/sbin/acct
/usr/lib/acct
/var/adm
/var/adm/acct/fiscal
/var/adm/acct/nite
/var/adm/acct/sum

– guest

Many computer centers provide accounts for visitors to play games while they wait for an appointment, or to allow them to use a modem or network connection to contact their own computer. Typically, these accounts have names like open, guest, or play.

– nobody

An account used by the Network File System (NFS) product and to enable remote printing. nobody exists for cases where a program must handle requests from remote root users without granting them root access. For example, before turning on Secure RPC or Secure NFS, check /etc/publickey on the master NIS server to see whether every user has been assigned a public key and a secret key. You can create an entry in the database for a user by becoming the superuser and entering:

newkey -u username

You can also create an entry in the database for the special user, nobody.
Users can now run the chkey program to create their own entries in the database.

– uucp

UUCP is a system for transferring files and electronic mail between UNIX computers connected by telephone. When one computer dials another, it must log in. Instead of logging in as root, the remote computer logs in as uucp. Electronic mail awaiting transmission to the remote machine is stored in directories that are readable only by the uucp user, so that other users on the computer cannot read each other's personal mail.
