Re: Using the user nobody in my package
Sam Morris <sam@robots.org.uk> writes:
>> For that system, we run in only one single UID/GID in the system: we
>> use nobody:nogroup for all the hosted files. That includes: ftp access,
>> mail system (delivered in user mailbox as nobody), and web. The control
>> panel does the change of the User and Group directive in Apache so it
>> doesn't use www-data anymore.
> Editing other package's configuration files is proscribed by Policy,
> however such is the entire point of control-panel-like software, so I
> guess this isn't such a big issue.
I think you have to distinguish between control-panel software performing
edits at the request of a user, in which case they're just a form of
editor, and control-panel software modifying configuration files for its
own purposes. The latter I think should still be forbidden.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: