From Oracle Linux 5 Security Technical Implementation Guide
Part of GEN000290-4
Associated with: CCI-000012
Accounts that provide no operational purpose provide additional opportunities for system compromise. Unnecessary accounts include user accounts for individuals not requiring access to the system and application accounts for applications not installed on the system.
Check the system for the unnecessary "ftp" accounts. Procedure: # rpm -q krb5-workstation An ftp server is part of "krb5-workstation". If it is installed the "ftp" user is necessary and this is not a finding. # rpm -q vsftp If the "vsftp" ftp server is installed the "ftp" user is necessary and this is not a finding. # grep ^ftp /etc/passwd If this account exists and no ftp server is installed which requires it, this is a finding.
Remove the "ftp" account from the /etc/passwd file before connecting a system to the network.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer