RE: Hearing the truth??

From: Sayek, Ogan (osayek_at_towson.edu)
Date: 02/18/04

  • Next message: António Vasconcelos: "Re: Hearing the truth??" 
    Date: Wed, 18 Feb 2004 13:03:07 -0500
To: "OBrien, Brennan" <BOBrien@columbia.com>, <focus-sun@securityfocus.com>

    hi,

    There are 2 scenarios to this statement.
    1. The user kept all of his files in his home directory. In which case
    userdel -r will delete user directory and all the files in it.

    2. The users are allowed to have files all over the system in which case
    a simple "find / -user username -print" would reveal all the files
    associated with the particular user. And you can do rm on those files
    fairly easy.

    I hope this helps, and I also hope I didn't misunderstand the issue.
    Good luck, unix admins might be hard to convince sometimes :)

    --------------------------------------
    OGAN SAYEK
    Systems Engineer
    Towson University
    Computing and Network Services (CANS)
    Email: osayek@towson.edu
    Phone: 410.704.4256

    -----Original Message-----
    From: OBrien, Brennan [mailto:BOBrien@columbia.com]
    Sent: Tuesday, February 17, 2004 8:22 PM
    To: focus-sun@securityfocus.com
    Subject: Hearing the truth??

    All:

    I've got an interesting situation at the office I could use some advice
    on. I'm being asked from a security perspective whether the following
    statement (made by our Unix admins) could be considered true:

    "The only way you can delete a user account on a unix environment is to
    write a series of scripts to eliminate file associations."

    So, while I don't disagree with the logic, is this actually the case
    that there are no commercial tools available to assist in this arena,
    and the only method of deleting a user on a system safely and
    effectively is to write a bunch of scripts on your own? This just begs
    to be a problem solved by a commercial entity if it's actually the case.

    We're in a Sun environment. Some thoughts would be appreciated.

    Brennan

  • Next message: António Vasconcelos: "Re: Hearing the truth??"

    Relevant Pages

    • Re: common directory with group controlled acces for multiple users
      ... I need to setup an account on my server for 3 students so that they can have ... access to executables and scripts for processing daily GPS observations. ... I would recommend setting up each user with a separate username and ... can set up a symlink to the shared folder in their home directory. ...
      (Ubuntu)
    • Re: execute a proram upon initial login
      ... > from some skeleton directory to the user's home directory. ... And your scripts are perfect, ... Then again, this was on a students' shell server, so while the admin ...
      (comp.unix.bsd.freebsd.misc)
    • Colors in VIM
      ... do syntax highlighting for php/html files, along with scripts. ... default) and located all of the .vimrc files, ... I even had one in my home directory as well. ...
      (freebsd-questions)
    • Re: Terminal Services SUBST mapping by default
      ... TS home directory entry in the user object first. ... nothing happens (unless you use logon scripts to map ... drives). ...
      (microsoft.public.windows.terminal_services)
    • Reference on shell scripts
      ... brethrens with the sequence and scope of the various scripts such as ... each user's home directory. ...
      (Debian-User)
    • Quantcast