Date: Mon, 27 Oct 1997 20:27:50 +0200 From: Mark Murray <mark@grondar.za> To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru> Cc: Tom <tom@uniserve.com>, Nate Williams <nate@mt.sri.com>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-etc@FreeBSD.ORG Subject: Re: cvs commit: src/etc master.passwd Message-ID: <199710271827.UAA29423@greenpeace.grondar.za>
next in thread | raw e-mail | index | archive | help
=?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= wrote:
> No. If you ever run Apache, you'll understand. Many CGI scripts and other
> things for WWW already assume nobody.
>
> BTW, I even see no reason to do it, we need just single nobody only to
> share among all programs which needs it, not bunch of no-user ids each per
> particular program.
The reason for nobody:nobody is a truly "nobody" user with no special
priveliges or status, not a user with features, etc shoehorned to fit
available software. The software should be fixed, not the OS broken.
It sounds to me as though Apache and/or fingerd is broken. Surely an
appropriate set{e}gid(2) will fix this (off the top of my head)?
Modifying a user (like you did) may be valid, but not as a design
consideration. It is the sort of thing someone may do when building a
box for a specific task, like a web server.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710271827.UAA29423>