Re: exploring debian's users and groups
> > > The man program (sometimes) runs as user man, so it can write cat
> > > pages to /var/cache/man
> > >
> > > HELP: My system has no files owned by user man, and I don't see
> > > the point of the user, aside from symmetry.
> >
> > Wasn't there a proposal to remove it (and pre-formatted man pages
> > along with it) a while back?
>
> It's no longer used by default, but is still supported, and
> /var/cache/man is owned by user man. Personally, I happen to like having
> the preformatted pages, I just don't like having to fix the security
> bugs that result. :)
>
> > man running as set{u,g}id man is commonly regarded as a security
> > hazard, and preformatted man pages present an easy DoS attack.
>
> Well, you can fill up disk space, yes, but otherwise not really. Pages
> formatted with strange terminal sizes and such aren't cached.
>
> Incidentally, /var/cache/man has been man:root mode 2755 on Debian for a
> long time. Is it just me, or is the setgid bit rather unnecessary?
>
Is this the reason I can't use man through a remote SSH connection? I
always get "man: Kann temporären Dateinamen nicht erzeugen: Keine
Berechtigung" ("man: Can't create temp files: No rights").
O. Wyss
Reply to: