Date: Thu, 18 Oct 2001 16:16:09 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Yarema <yds@dppl.com> Cc: ports@FreeBSD.org, Sheldon Hearn <sheldonh@starjuice.net> Subject: Re: HEADS UP: Apache port change from nobody:nogroup to www:www planned Message-ID: <20011018161609.A63967@nagual.pp.ru> In-Reply-To: <864670000.1003407169@volyn.dppl.net> References: <28552.1003405786@axl.seasidesoftware.co.za> <864670000.1003407169@volyn.dppl.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Oct 18, 2001 at 08:12:49 -0400, Yarema wrote: > > OK, I'm kinda lost here too. I understand that nobody:nogroup should not > own any files. I do not understand that 'Apache abuses nobody just running > under it' by gaining 'access to priveledges it must not have.' What > exactly are these priveledges 'it must not have?' privileges to write > files? What is the proper use for nobody:nogroup? Any priviledges, read/write/etc. Nobody is internal NFS user means 'root'. > That may be true about suexec. But why is nobody:nogroup any less or more > equal than any other group for this purpose? I always thought it an Because nobody is NFS special, while any other user - not. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011018161609.A63967>