Compromise of the nobody account?

Hi.

How bad it is it if one can't trust the "nobody" account on a UNIX or
Unix-like system, and said account has been broken into and is being
used to access the system? Should one just dump the account, then? Is
it bad practice to leave the "nobody" account unguarded?

At worst I'd guess the cracker might be able to turn off or fuss
around with daemons running as that, however if one uses something
else to run the daemons instead I would not think all that much damage
to the system could be done from a comp'd nobody account.

Is this a good assessment?
.

Relevant Pages

  • Re: Compromise of the nobody account?
    ... Beside being unable to log in as this user, how do you feel the account ... exactly how would this differ from a user running as any other user ... evidense of nobody trampling around and is worried that it is a breaking. ...
    (comp.security.unix)
  • Re: Compromise of the nobody account?
    ...   It's the last field from the password line. ... The administrator assigned "nobody" to have whatever shell is ... Beside being unable to log in as this user, how do you feel the account ... often used for running daemons, that's why I was wondering about it. ...
    (comp.security.unix)
  • Re: Compromise of the nobody account?
    ... In my hypothetical, "nobody" was broken, because I was wondering how ... regular user account. ... "nobody" is often used for running daemons, ... The libraries here use USPS, or a package service like UPS or FedEx ...
    (comp.security.unix)
  • Re: Compromise of the nobody account?
    ... user "nobody" using? ... Beside being unable to log in as this user, how do you feel the account ... exactly how would this differ from a user running as any other user ...
    (comp.security.unix)
  • get your across investing repetition of course my parish
    ... do you account them? ... encloses a trustee too inevitable out of her secure sea. ... reaching to attack you some of my shared reservoirs. ... Nobody ...
    (sci.crypt)
Quantcast