[TUHS] historical users and groups
Jose R. Valverde
jrvalverde at cnb.csic.es
Wed Jan 14 23:33:02 AEST 2009
A bit of digging brought out the following snippet from 4.3BSD System
System security changes require adding several new
``well-known'' groups to /etc/group. The groups that are
needed by the system as distributed are:
Only users in the ``wheel'' group are permitted to su to
``root''. Most programs that manage directories in
/usr/spool now run set-group-id to ``daemon'' so that users
cannot directly access the files in the spool directories.
The special files that access kernel memory, /dev/kmem and
/dev/mem, are made readable only by group ``kmem''. Stan-
dard system programs that require this access are made set-
group-id to that group. The group ``sys'' is intended to
control access to system sources, and other sources belong
to group ``staff.'' Rather than make user's terminals writ-
able by all users, they are now placed in group ``tty'' and
made only group writable. Programs that should legitimately
have access to write on user's terminals such as talk and
write now run set-group-id to ``tty''. The ``operator''
group controls access to disks. By default, disks are read-
able by group ``operator'', so that programs such as df can
access the file system information without being set-user-id
Several new users have also been added to the group of
``well-known'' users in /etc/passwd. The current list is:
The ``daemon'' user is used for daemon processes that do not
need root privileges. The ``operator'' user-id is used as
an account for dumpers so that they can log in without hav-
ing the root password. By placing them in the ``operator''
group, they can get read access to the disks. The ``uucp''
login has existed long before 4.3BSD, and is noted here just
to provide a common user-id. The password entry ``nobody''
has been added to specify the user with least privilege.
So my previous recollections were not totally correct. Sorry. I guess as
one grows older memory starts to fail. As for today's usefulness... if
you google each user/group up you'll see they still are meaningful in
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: not available
More information about the TUHS