one user per daemon?

To: debian-security@lists.debian.org
Subject: one user per daemon?
From: Christian Kujau <evil@g-house.de>
Date: Sat, 05 Jul 2003 14:26:24 +0200
Message-id: <[🔎] o5g6eb.ee4.ln@news.housecafe.de>

hi,

in another (german) newsgroup i saw a comment, being a bit upset aboutthe general-every-distribution behaviour to install new daemons under asingle user id. to be clear, if debconf/dpkg/whatever set up e.g. ntpd,the default is that "root" starts the daemon. or user "nobody" does, butanother daemon was configured to be run from "nobody" too. the sameapplies for user "daemon". only a few daemons are run by other users bydefault, apache, snort or squid.

the things is, when some of the "nobody" processes are compromised,*every* daemon "nobody" has started is in danger to be killed or misused.

/etc/password lists a lot of unused (but somehow standard-)users, theycould be used to run processes under a different user id.


yes, it's a bit confusing, please ask if i was unlcear.

Thanks for comments,
Christian.

--
BOFH excuse #224:

Jan  9 16:41:27 huber su: 'su root' succeeded for .... on /dev/pts/1

Reply to:

Follow-Ups:
- Re: one user per daemon?
  - From: Adam ENDRODI <borso@vekoll.saturnus.vein.hu>
- Re: one user per daemon?
  - From: Andrew Pimlott <andrew@pimlott.net>

Prev by Date: one user per daemon?
Next by Date: Re: one user per daemon?
Previous by thread: one user per daemon?
Next by thread: Re: one user per daemon?
Index(es):
- Date
- Thread