newbie vserver/auth question.

Solar Designer solar at
Mon Mar 28 10:29:40 PST 2005

On Mon, Mar 28, 2005 at 07:22:01PM +0200, Japie wrote:
> On Mon, 28 Mar 2005 20:31:39 +0400, Solar Designer wrote:
> > If you make use of an UID anywhere on the system (even within a chroot
> > jail), it is most appropriate to allocate it in the global /etc/passwd
> > as well, to ensure that it won't be taken for another purpose.  This
> > has no security consequences.
> In concreto this would implement that using an user account with
> strict access policy is sufficient for running most services? (or did I
> misunderstood)

I'm not sure I fully understand what you wanted to say by this.

Yes, it's OK to use pseudo-user accounts.  No, it is not always
sufficient to do just that, other restrictions such as chroot jails
may be appropriate.


More information about the hlfs-dev mailing list