1

Accounts like lp, bin, daemon, ftp, etc. look like legacy accounts that I won't need on my servers but are installed by default.

Is there an easy way to detect which accounts are required? I see things like "daemon" which I don't want to break all daemons, but I don't know how this account is used. The same for "sync", "operator", and many others.

I'm looking for some means other than just removing the account, rebooting, and seeing if anything looks broken.

Editing to add, DISA (DoD) requires it: https://www.stigviewer.com/stig/red_hat_enterprise_linux_8/2021-12-03/finding/V-230379

Improve this question
13
  • How many accounts do you have. If not too many (less than 1.5 dozen) leave them, especially if you do not know what they are
    – anon
    Commented May 20, 2022 at 19:56
  • @John, it's a long story, but basically the security compliance protocols (written by a different agency) require me to delete any which aren't used. Those used must be justified.
    – davidhaskins
    Commented May 20, 2022 at 19:58
  • Unless someone you can talk to can give you assurance about what to delete, then I would not delete them. Is the presence of these passwords causing a problem? Probably not.
    – anon
    Commented May 20, 2022 at 20:01
  • @John, that isn't the way cyber security works. You can't just keep unknown, undocumented accounts around and hope for the best. These seem to be standard accounts across Unix/Linux installs. Surely someone knows what they are.
    – davidhaskins
    Commented May 20, 2022 at 20:05
  • You listed accounts that looked normal to me. I do not delete such Windows passwords. I am not just hoping for the best and my PC is VERY secure.
    – anon
    Commented May 20, 2022 at 20:10

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .