Re: user for getting files
David Roundy wrote:
> On Fri, Nov 22, 2002 at 11:04:27AM -0800, Blars Blarson wrote:
> >
> > but is it realy appropriate for a package to create a new user for a
> > weekly download?
depending upon what other processes will be using the data, and those
that will be starting them, the answer varies from ``maybe'' to ``yes!''
> I'm far from an expert, but I would have thought that 'nobody' would be
> appropriate for this.
_no_.
you never want a file owned by nobody. services that do not need any
elevated privedges should run as nobody, so if they are compromised,
then can do nothing. if you download a file as nobody, then a
compromised nobudy-running daemon can then trojan that file. bad.
> As long as you don't trust the content of those files, this seems safe
> to me.
there are other reasons to not trust the file, other than the ownership
(dns cache poisoning, dns takeover, trojans on the server), so we can
accept this as a truism.
-john
Reply to: