MAJOR hole in 5.0
archaic at indy.rr.com
Fri Sep 26 07:54:02 PDT 2003
On Fri, Sep 26, 2003 at 04:36:57PM +0200, Daniel Roethlisberger wrote:
> Some daemons default to using 'nobody' when dropping priviledges in
> order to do unpriviledged work. Of course it's possible to force such
> programs to use another user than 'nobody' (runtime options,
> ./configure options, or even patching the source), but I strongly
> believe it is still a good idea to have the user 'nobody' around, just
> in case you missed one.
I'm not even concerned about the book's policy in this regard, but I
will say that a security conscience admin will check a daemon's privs
after configuring and starting it. If the daemon wasn't configured to
drop privs, it won't use nobody, anyway. And if the default config is to
use nobody and you don't have a nobody user, you will get a warning or
fatal error reminding you not to use the default setup.
Under democracy one party always devotes its chief energies to trying to
prove that the other party is unfit to rule--and both commonly succeed,
and are right... The United States has never developed an aristocracy
really disinterested or an intelligentsia really intelligent. Its
history is simply a record of vacillations between two gangs of frauds.
- H. L. Mencken
More information about the lfs-security