[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

one user per daemon?


in another (german) newsgroup i saw a comment, being a bit upset about the general-every-distribution behaviour to install new daemons under a single user id. to be clear, if debconf/dpkg/whatever set up e.g. ntpd, the default is that "root" starts the daemon. or user "nobody" does, but another daemon was configured to be run from "nobody" too. the same applies for user "daemon". only a few daemons are run by other users by default, apache, snort or squid.

the thing is, when some of the "nobody" processes are compromised, *every* daemon "nobody" has started is in danger to be killed or misused.

/etc/password lists a lot of unused (but somehow standard-)users, they could be used to run processes under a different user id.

yes, it's a bit confusing, please ask if i was unlcear.

Thanks for comments,

BOFH excuse #224:

Jan  9 16:41:27 huber su: 'su root' succeeded for .... on /dev/pts/1

Reply to: