[sclug] Non-human user IDs
Simon Huggins
huggie at earth.li
Sat Oct 25 09:05:30 UTC 2003
On Fri, Dec 27, 2002 at 06:03:15PM -0000, Will Dickson wrote:
> Can anyone either tell me about, or even better, point me at the section of
> The Fine Manual which describes, the various non-human user IDs that
> are usually found on a linux box?

Hmm, I guess the closest you'll find is from the Linux Standard Base
spec.

http://www.linuxbase.org/spec/gLSB/gLSB/usernames.html

A similar thread came up on Debian lists and here is part of it listing
some of the common and less common ones:

http://lists.debian.org/debian-devel/2001/debian-devel-200108/msg00385.html

> The two I'm most interested in are "daemon" and "nobody". Do they have
> any special privileges or attributes? And is there any reason not to run a
> system service, which does not want any special privileges, as user ID
> daemon?

The thing is that this will vary from distribution to distribution.
It used to be true that everything ran under nobody/daemon but this is
less and less true now as a hole in one server could lead to being able
to tamper with, or at least read, files destined for another.

The page above notes this in a footnote as so:

    The 'daemon' UID/GID was used as an unprivileged UID/GID for
    daemons to execute under in order to limit their access to the
    system. Generally daemons should now run under individual
    UID/GIDs in order to further partition daemons from one another.

Hope this helps some,

Simon.
--
oOoOo "It's so nice to have a big strong spud around the house." oOoOo
oOoOo oOoOo
oOoOo oOoOo
htag.pl 0.0.22 ::::::: http://www.earth.li/~huggie/
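
Added example, not part of the original message or of the pages it links to: one way to check a host for the situation described above, where several daemons share a single non-human account such as nobody or daemon. The passwd and ps data are constructed samples, and the function names and the UID_MIN cutoff of 1000 are assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from a real host): an /etc/passwd excerpt and
# output in the shape of `ps -eo user:32,comm --no-headers`.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
will:x:1000:1000:Will:/home/will:/bin/bash
"""
SAMPLE_PS = """\
daemon   atd
daemon   portmap
nobody   dnsmasq
nobody   tftpd
nobody   tftpd
www-data apache2
will     bash
"""

UID_MIN = 1000  # assumption: first human UID; compare UID_MIN in /etc/login.defs


def non_human_accounts(passwd_text, uid_min=UID_MIN):
    """Return names of non-root accounts below uid_min, plus 'nobody'."""
    names = set()
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue  # skip comments, NIS markers and malformed lines
        name, uid = fields[0], int(fields[2])
        if name == "nobody" or 0 < uid < uid_min:
            names.add(name)
    return names


def shared_accounts(passwd_text, ps_text):
    """Map each non-human account to its daemons when it runs more than one."""
    system = non_human_accounts(passwd_text)
    by_user = defaultdict(set)
    for line in ps_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0] in system:
            by_user[parts[0]].add(parts[1].strip())
    return {u: sorted(c) for u, c in by_user.items() if len(c) > 1}


if __name__ == "__main__":
    print(shared_accounts(SAMPLE_PASSWD, SAMPLE_PS))
```

Each account it reports is a candidate for splitting into one UID/GID per daemon, as the LSB footnote quoted above recommends.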