Re: processes spawned by usr 'nobody'?

[Carl Mummert <mummert@cs.wcu.edu>]

>From message <[🔎] 576A688A7DA7D011899B00805FEA1AFF60387C@sych02.isdip.upmc.edu>  :
>I have noticed that every so often my HD would start to whine like it was
>being search. It made me curious and a ran a top and I found the a the find
>utility was started by user 'nobody'. Is this a normal thing to have
>processes spawned by the nobody user? Or is this a problem as I think it to
>be?

This is no problem.  Several programs that are run automatically from
cron.daily or cron.weekly are run as user nobody. 

One example, which may be the one you noticed, is the updatedb script, which 
builds a database for locate(1) to search.  If this ran as root, all files
on your disk would be indexed.  But since it runs as nobody, only files that
are world-readable are indexed (ie your private files are not indexed).
This is generally a good thing; sometimes people have files that they
don't want other people to know they have.  It would be a security
risk for hidden files to be indexed, because some people (maybe mistakenly)
depend on unknown filenames for security.

Some daemons may also su to nobody before going to work.  By running as
nobody, they are unable to hurt your system if they are compromised
by a remote cracker. On my system, ident, finger, and talk all run this
way.

Carl