user for getting files

2002-11-22 Thread Blars Blarson
Now that (as upstream) I've released hinfo 1.0, I'm planing on making it my first debian package. One of the things I'd like the debian package to do is download a couple of files (when changed) with wget on a regular basis. Having root do the download is using a sledgehammer on a finishing nail,

user for getting files

2002-11-22 Thread Blars Blarson
Now that (as upstream) I've released hinfo 1.0, I'm planing on making it my first debian package. One of the things I'd like the debian package to do is download a couple of files (when changed) with wget on a regular basis. Having root do the download is using a sledgehammer on a finishing nail,

Re: user for getting files

2002-11-22 Thread David Roundy
On Fri, Nov 22, 2002 at 11:04:27AM -0800, Blars Blarson wrote: > > One of the things I'd like the debian package to do is download a > couple of files (when changed) with wget on a regular basis. Having > root do the download is using a sledgehammer on a finishing nail, (it > works, but you have

Re: user for getting files

2002-11-22 Thread John H. Robinson, IV
David Roundy wrote: > On Fri, Nov 22, 2002 at 11:04:27AM -0800, Blars Blarson wrote: > > > > but is it realy appropriate for a package to create a new user for a > > weekly download? depending upon what other processes will be using the data, and those that will be starting them, the answer varie

Re: user for getting files

2002-11-22 Thread Russell Coker
On Fri, 22 Nov 2002 23:06, John H. Robinson, IV wrote: > you never want a file owned by nobody. services that do not need any > elevated privedges should run as nobody, so if they are compromised, > then can do nothing. if you download a file as nobody, then a > compromised nobudy-running daemon ca

Re: user for getting files

2002-11-22 Thread David Roundy
On Fri, Nov 22, 2002 at 11:04:27AM -0800, Blars Blarson wrote: > > One of the things I'd like the debian package to do is download a > couple of files (when changed) with wget on a regular basis. Having > root do the download is using a sledgehammer on a finishing nail, (it > works, but you have

Re: user for getting files

2002-11-22 Thread John H. Robinson, IV
David Roundy wrote: > On Fri, Nov 22, 2002 at 11:04:27AM -0800, Blars Blarson wrote: > > > > but is it realy appropriate for a package to create a new user for a > > weekly download? depending upon what other processes will be using the data, and those that will be starting them, the answer varie

Re: user for getting files

2002-11-23 Thread Russell Coker
On Fri, 22 Nov 2002 23:06, John H. Robinson, IV wrote: > you never want a file owned by nobody. services that do not need any > elevated privedges should run as nobody, so if they are compromised, > then can do nothing. if you download a file as nobody, then a > compromised nobudy-running daemon ca