On Jun 21, 2004, at 10:39 AM, Max Laier wrote: > On Monday 21 June 2004 10:57, Michael Reifenberger wrote: >> As it seems is OpenBSD aggressivly using "_<service>" users. >> Is this something we should follow? > > I'll try to explain the reasoning behind this. If there are a zillion > processes all owned by nobody:nogroup and an attacker manages to obtain > control over one of them, the rest might be easy/easier prey. The > evildoer > will have better chances to obtain critical resources and maybe root > in the > end. Certainly it's a good idea to run different services under seperate users where possible, for exactly the reasons you describe: it helps reduce the window of vulnerability if one service is compromised. However, please note that no processes should be running as nobody, nor should any files be owned by nobody. 'nobody' exists so that NFS can map unknown and/or untrusted remote root users to a safe UID which is not used anywhere else in the system. Using 'nobody' for other purposes can be risky. -- -ChuckReceived on Mon Jun 21 2004 - 15:02:40 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:58 UTC