On Sat, Jul 05, 2003 at 02:26:24PM +0200, Christian Kujau wrote: > > the things is, when some of the "nobody" processes are compromised, > *every* daemon "nobody" has started is in danger to be killed or misused. > > /etc/password lists a lot of unused (but somehow standard-)users, they > could be used to run processes under a different user id.
On my systems, I have added several accounts dedicated to programs like snort, spamd, syslogd, tftpd and others. It's just as easy as doing an ``adduser --system --no-create-home <foo>''. Usually, it's a good idea to create a corresponding system group too. I think, it's not the default because sometimes process interaction gets difficult to manage. bit, adam -- 1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989 finger://[EMAIL PROTECTED] | Some days, my soul's confined http://www.keyserver.net | And out of mind Sleep forever
