Security-Onion-Solutions / securityonion

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
https://securityonion.net

Setup shouldn't allow user to enter root for admin user #1311

Closed dougburks closed 3 years ago

dougburks commented 3 years ago

Setup prompts the user to specify a username for their administrative account. We should check this input and make sure they are not specifying root or some other pre-existing account.

Reference: https://groups.google.com/u/1/g/security-onion/c/Y31lfIk_OKQ

m0duspwnens commented 3 years ago

The following users have been prohibited: root bin daemon adm lp sync shutdown halt mail operator games ftp nobody systemd-network dbus polkitd sshd postfix chrony socore soremote ntp tcpdump elasticsearch stenographer suricata zeek curator kratos kibana elastalert ossecm ossecr ossec logstash
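
The check requested in this issue, sketched as an added example (not part of the thread and not Security Onion's setup code): it rejects the names listed in the comment above and also any account that already exists. The function name, the `PASSWD_FILE` override, the format rule and the return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Security Onion's setup code. Names and return codes are hypothetical.
LC_ALL=C   # make a-z in the patterns below mean ASCII letters only

# Names listed as prohibited in the issue comment.
PROHIBITED_USERS="root bin daemon adm lp sync shutdown halt mail operator games ftp
nobody systemd-network dbus polkitd sshd postfix chrony socore soremote ntp tcpdump
elasticsearch stenographer suricata zeek curator kratos kibana elastalert ossecm
ossecr ossec logstash"

# Assumption: accounts are read from a passwd-format file so the check can be run
# against a constructed file; `getent passwd` would also cover directory-backed accounts.
PASSWD_FILE="${PASSWD_FILE:-/etc/passwd}"

# Returns 0 = acceptable, 1 = malformed, 2 = on the prohibited list, 3 = account exists.
validate_admin_username() {
    vau_name="$1"
    # Assumed format rule: lowercase letter or underscore first, then [a-z0-9_-].
    # Rejecting every other byte also rejects spaces, newlines and colons.
    case "$vau_name" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    if [ "${#vau_name}" -gt 32 ]; then return 1; fi
    # Exact comparison, so a name such as "rooter" is not rejected by accident.
    for vau_reserved in $PROHIBITED_USERS; do
        if [ "$vau_name" = "$vau_reserved" ]; then return 2; fi
    done
    # Pre-existing account: exact match on the first colon-separated field.
    if awk -F: -v u="$vau_name" '$1 == u { found = 1 } END { exit !found }' \
        "$PASSWD_FILE" 2>/dev/null; then
        return 3
    fi
    return 0
}
```

A setup prompt would call `validate_admin_username` in a loop and ask again until it returns 0, using the return code to tell the user why the name was refused.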