one user per daemon?

To: debian-security@lists.debian.org
Subject: one user per daemon?
From: Christian Kujau <evil@g-house.de>
Date: Sat, 05 Jul 2003 14:26:39 +0200
Message-id: <[🔎] v5g6eb.ee4.ln@news.housecafe.de>

hi,

in another (german) newsgroup i saw a comment, being a bit upset aboutthe general-every-distribution behaviour to install new daemons under asingle user id. to be clear, if debconf/dpkg/whatever set up e.g. ntpd,the default is that "root" starts the daemon. or user "nobody" does, butanother daemon was configured to be run from "nobody" too. the sameapplies for user "daemon". only a few daemons are run by other users bydefault, apache, snort or squid.

the thing is, when some of the "nobody" processes are compromised,*every* daemon "nobody" has started is in danger to be killed or misused.

/etc/password lists a lot of unused (but somehow standard-)users, theycould be used to run processes under a different user id.


yes, it's a bit confusing, please ask if i was unlcear.

Thanks for comments,
Christian.

--
BOFH excuse #224:

Jan  9 16:41:27 huber su: 'su root' succeeded for .... on /dev/pts/1

Reply to:

Prev by Date: Re: Strongest linux - kernel patches
Next by Date: one user per daemon?
Previous by thread: subscribe
Next by thread: one user per daemon?
Index(es):
- Date
- Thread