[lug] Users added during install with no password
Jeff Schroeder
jeff at neobox.net
Thu Jul 1 17:56:11 MDT 2004
Bill wrote:
> I recently installed RH 9.0 and noticed that the user named 'rpm' was
> added in the process and assigned the /bin/bash shell... but no
> password. I assume this is normal and no big threat to security, but
> is that right?
Although I don't use RH (any more), I suspect that's correct. Look in
the /etc/shadow file-- I assume RH uses shadow passwords-- and you
should see some users with passwords, and others with an 'x' or bang:
nobody:x:12598:0:99999:7:::
jeff:jseCdKJfvLk:12598:0:99999:7:::
mysql:!:12598:0:99999:7:::
The 'nobody' and 'mysql' accounts won't permit logins.
HTH,
Jeff
More information about the LUG
mailing list