[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unowned processes and who controls them (was: Re: passwd entry for uid -1

Quoth Niels Möller: 

> But I don't see any big advantage, compared to simply running the
> process in question with userid foo, so I agree that it seems a little
> pointless.

The biggest difference is perhaps that anybody could rmauth a process on
their own and effectiively perform a local DoS on your service.  This
would also be a quite safe attack to perform on a busy server, as you'd
have problem picking out just who might have done what from any logs you

If you need to create files owned by foo, the easiest way is probably
running as foo.

When in doubt: Flaunt.

Reply to: