[EMAIL PROTECTED] wrote:
Why would you want to start [sshd] as nobody? You are supposed to
start sshd as root. The application itself handles dropping
privileges and chrooting.
If only! sshd ends up running as root, both if I start it manually or
if I reboot/restart the service.
And as I say, many (all?) of my other daemons run as root also, isn't
this considered a security problem? Could I have messed up my passwd
file or something? What would make my init process run everything as
root? What log file should I be peeping at to find "hey, I tried to
lower my privileges, but I failed."
Diffused Dave
Most services start as root because that is the only way to grab
"privileged ports", that is, ports below 1024. After they have grabbed that
port, well-designed services like Apache or sshd will change to non-root
users and/or drop capabilities in order to make things more secure.
(Some daemons do not drop root and/or capabilities though. For example
it is fairly common to see poorly configured servers running rsync as
root. Just because xinetd super server runs as root doesn't mean the
things it calls must also run as root.)
What services specifically are you worried about?
Warren