Re: why is the nobody account password-protected?

From: all mail refused (elvis_at_notatla.org.uk)
Date: 07/16/04

  • Next message: chad bowser: "Building Open Source Tripwire on Tru64"
    Date: 16 Jul 2004 16:39:56 GMT
    
    

    In article <40F801C9.20005@yahoo.com>, Kevin Rodgers wrote:

    >On Solaris and GNU/Linux at least, the nobody account has a single
    >character password -- why? I think it'd make sense to allow any user
    >to `su nobody` to safely run risky commands without any priveleges.

    If you allowed any user to `su nobody` the account would
    not have a status of no-privileges it would be the Bart Simpson
    account: I didn't do it; nobody saw me; you can't prove anything.

    If certain users need a second account I'd be happier to
    give them one each.

    -- 
    Elvis Notargiacomo  master AT barefaced DOT cheek
    http://www.notatla.org.uk/goen/
    

  • Next message: chad bowser: "Building Open Source Tripwire on Tru64"

    Relevant Pages

    • Re: Compromise of the nobody account?
      ...   It's the last field from the password line. ... The administrator assigned "nobody" to have whatever shell is ... Beside being unable to log in as this user, how do you feel the account ... often used for running daemons, that's why I was wondering about it. ...
      (comp.security.unix)
    • Re: Compromise of the nobody account?
      ... In my hypothetical, "nobody" was broken, because I was wondering how ... regular user account. ... "nobody" is often used for running daemons, ... The libraries here use USPS, or a package service like UPS or FedEx ...
      (comp.security.unix)
    • Re: Compromise of the nobody account?
      ... user "nobody" using? ... Beside being unable to log in as this user, how do you feel the account ... exactly how would this differ from a user running as any other user ...
      (comp.security.unix)
    • get your across investing repetition of course my parish
      ... do you account them? ... encloses a trustee too inevitable out of her secure sea. ... reaching to attack you some of my shared reservoirs. ... Nobody ...
      (sci.crypt)
    • Re: Sharing an acocunt - how to reduce risks?
      ... The username/password are on the eBay listing and there is only one account, so it is a free for all really. ... Changed the ownership of .profile to root and chomod 644, so nobody can edit it and mess up the path for someone else. ... There is no data of value on it and it can't be used as a base to hack my LAN due to the firewall. ...
      (comp.unix.solaris)