
Re: Using the user nobody in my package



Sam Morris <sam@robots.org.uk> writes:

>> For that system, we run in only one single UID/GID in the system: we
>> use nobody:nogroup for all the hosted files. That includes: ftp access,
>> mail system (delivered in user mailbox as nobody), and web. The control
>> panel does the change of the User and Group directive in Apache so it
>> doesn't use www-data anymore.

> Editing other packages' configuration files is proscribed by Policy,
> however such is the entire point of control-panel-like software, so I
> guess this isn't such a big issue.

I think you have to distinguish between control-panel software performing
edits at the request of a user, in which case they're just a form of
editor, and control-panel software modifying configuration files for its
own purposes.  The latter I think should still be forbidden.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>


