Hi Konstantin Ryabitsev! On Wed, Sep 05, 2007 at 12:37:16PM -0400, Konstantin Ryabitsev wrote next: > I recall there being something about running daemons as user "nobody." > Is that still a policy? Cursory search in the wiki revealed nothing, > but searching for "user nobody" is near-futile. :) > Don't we normally create daemon-specific users? If you create only one user to many services you pick up big security hole. For example, you have installed httpd and mysql under nobody account. If the cracker crashed httpd he also got access to mysql. That's why we need to create separate user per unique service. -- With best regards, Andy Shevchenko. mailto: andy@xxxxxxxxxxxx -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
