newbie vserver/auth question.
solar at openwall.com
Mon Mar 28 10:29:40 PST 2005
On Mon, Mar 28, 2005 at 07:22:01PM +0200, Japie wrote:
> On Mon, 28 Mar 2005 20:31:39 +0400, Solar Designer wrote:
> > If you make use of an UID anywhere on the system (even within a chroot
> > jail), it is most appropriate to allocate it in the global /etc/passwd
> > as well, to ensure that it won't be taken for another purpose. This
> > has no security consequences.
> In concreto this would implement that using an user account with
> strict access policy is sufficient for running most services? (or did I
I'm not sure I fully understand what you wanted to say by this.
Yes, it's OK to use pseudo-user accounts. No, it is not always
sufficient to do just that, other restrictions such as chroot jails
may be appropriate.
More information about the hlfs-dev