LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
 
Search this Thread
Old 01-28-2007, 11:32 AM   #1
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Rep: Reputation: 30
purpose/usefulness of the nobody user?


As per title what is the intended purpose of the nobody user in Linux?

thnks in advance.
 
Old 01-28-2007, 01:43 PM   #2
reddazz
Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
Take a look at this article.
 
Old 01-28-2007, 01:51 PM   #3
slzckboy
Member
 
Registered: May 2005
Location: uk - Reading
Distribution: slack 10.2 kde 3.4.2 kernel 2.6.15
Posts: 452

Original Poster
Rep: Reputation: 30
ta v much
:0)
 
Old 01-28-2007, 10:01 PM   #4
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,633

Rep: Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261Reputation: 1261
To summarize...

A daemon ("service") is a program that runs all the time, providing some useful function or service to any other program. (A common example is the print-spooler, which lets you "queue up" printed output without waiting for the physical printer to finish.)

Daemons are like ordinary logged-on users in the sense that they run "as somebody." But, unlike logged-on users, they never log off.

When you log on, and enter the username 'joe', you run "as 'joe'" until you log off. Someone on another terminal who entered the username 'nancy' will run "as 'nancy'" until she logs off. Well, in the same manner, the print-spooler or any other daemon "runs as <somebody>" even though it never logs-off. Like any other program on the system, its privileges and its access are defined and controlled by "who it logs-on as."

When a daemon "minds its own business," you don't have to mind too much what privileges it does or doesn't have ... although as a matter of principle you should limit it to only what it needs.

However, when a daemon accepts work from others, or (gawd help us all...) from the Internet, we sadly must assume that the infidels who may (by whatever means known but to gawd) submit work to this daemon, must have (lawd, help us) evil intentions. We must assume that they intend to wreak havoc upon our hard-working daemon if they can... blasting 'is hard-working mind utterly to bits and bending 'is hard labors to their most-evil intentions. And so the only way that we possess to protect our gawd-fearing system from their most-evil designs is to strictly limit what our daemon can possibly do, no matter what Evil Spirit may somehow possess him. We do this by "the user that the daemon logs-on as."

The most-powerful user is root, the Godhead of the system .. ommmm.... .. He Who Must Be Obeyed. A daemon that runs as this user, if trustworthy, can do Anything. (But "gawd help us all, there is surely Hell To Pay" if, as is so often the case in Microsoft Windows, he turns out to be a "vile and dastardly rogue!")

And the least-powerful user is nobody, the ultimate paeon, no better than anyone else. A daemon that runs as this user, if untrustworthy, can do no harm. ("So let 'im be 'a vile and dastardly rogue' if it pleases 'im or strokes 'is ego. What bloody harm can 'e possibly do?")

And thus is thy system (P.S. "be it Windows or Linux...") protected...

{ And if thou shouldst be offended by any supposed slight that you might concieve that I might have against thy religion, I prithee that thou shouldst kindly forbear, for surely I mean no slight against thee whatever. I mean all of this only but in good fun, and not against thee or thy devotions. }

Last edited by sundialsvcs; 01-28-2007 at 10:12 PM.
 
Old 01-28-2007, 10:13 PM   #5
rickh
Senior Member
 
Registered: May 2004
Location: Albuquerque, NM USA
Distribution: Debian-Lenny/Sid 32/64 Desktop: Generic AMD64-EVGA 680i Laptop: Generic Intel SIS-AC97
Posts: 4,250

Rep: Reputation: 60
Nice piece of writing, sundialsvcs. Intrigued me enough to read reddazz's link, as well.

From that link:
Quote:
However, the usefulness of this technique is reduced if more than one daemon is run like this, because then gaining control of one daemon would provide control of them all. Creating one account for each daemon is a more secure policy.
Made me wonder about who owned the various daemon processes on my own machine. I looked at System Monitor which lists all the processes running, but it doesn't include the process owner's name.

Where might I find that information?
 
Old 01-28-2007, 10:33 PM   #6
reddazz
Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 74
I usually just use "ps aux". The output shows that some daemons are being run by apache, mysql and other system users. After looking at the output on my Gentoo and FC systems, it seems like no daemons are being run using the nobody account.
 
Old 01-28-2007, 10:40 PM   #7
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 12,855

Rep: Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165Reputation: 1165
@sundialsvcs what are you smoking mate ???.
Gotta be good, whatever it is ...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Google Spreadsheets and the usefulness of online applications LXer Syndicated Linux News 0 06-10-2006 09:03 PM
Usefulness of isos? dr_zayus69 General 6 03-13-2006 01:04 PM
usefulness of mandriva-patches in kernel, or just new 2.614. kernel from source? Emmanuel_uk Mandriva 6 12-20-2005 08:56 PM
can lower run levels boost usefulness of older computers? dr_zayus69 Linux - Software 4 08-29-2005 06:25 PM
Firewall usefulness oneandoneis2 Linux - Security 8 03-03-2005 12:37 PM


All times are GMT -5. The time now is 05:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration