Kurento Media Server automatically creates an extra account "kurento" on installation

Question

On installing kurento-media-server-6.0, it automatically created an extra account "kurento" and the password is still unknown. Although it does not have sudo access, but still an unwanted user account is a security concern. On deleting user account, kurento-media-server does not function properly and has to be reinstalled. What is the significance of that account or why this account is being created?

OS: Ubuntu 16.04.3 LTS 64-bit

Answer 1

That is how almost all "service" applications work on Ubuntu, and is actually a security feature. Installation of an application creates a user that is used only by that application and can have its privileges limited to only what that application needs.

For example, Apache uses www-data, Nginx uses nginx (or www-data if you install from certain sources), PostgreSQL uses postgres, MySQL uses mysql, Postfix mail server uses postfix, etc.

There's no reason for this to be a security concern. The password isn't "unknown" as you say, there is actually an invalid password -- meaning that it is impossible to log in to this account unless you give it SSH keys or use sudo -u (which only administrators can do anyway).

Just leave the account the way it is.