Nobody (username)

Nobody (username)

In many Unix variants, "nobody" is the conventional name of a user account which owns no files, is in no privileged groups, and has no abilities except those which every other user has. Nobody typically either has a very high User ID, such as 32767, or uses a system User ID, typically between 1 and 100.

It is common to run daemons as "nobody", especially servers, in order to limit the damage that could be done by a malicious user who gained control of them. However, the usefulness of this technique is reduced if more than one daemon is run like this, because then gaining control of one daemon would provide control of them all. The reason is that "nobody"-owned processes have the ability to send signals to each other and even (on Linux) ptrace each other, which means that one process can read and write to the memory of another process. Creating one account for each daemon, as recommended by the Linux Standard Base, [Linux Standard Base, [http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/usernames.html Core Specification 3.1 section 21.2: User & Group Names] ] provides for a tighter security policy.

ee also

*Privilege revocation
*Principle of least privilege

References


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • nobody (username) — In many Unix variants, nobody is the conventional name of a user account which owns no files, is in no privileged groups, and has no abilities except those which every other user has. It is common to run daemons as nobody, especially servers, in… …   Wikipedia

  • Nobody — may refer to: Nobodies, a race of beings in the Kingdom Hearts video game series nobody (username), the name of a Unix account which has no particular privileges Nobody, a radio drama by Daniel Brocklehurst Nobody, a character in the Teenage… …   Wikipedia

  • Superuser — For the enterprise system role, see Power user. On many computer operating systems, the superuser is a special user account used for system administration. Depending on the operating system, the actual name of this account might be: root,… …   Wikipedia

  • Power user — A power user is a user of a personal computer who can use advanced features of programs which are outside the expertise of normal users, yet is not capable of advanced, non application oriented tasks like programming and may or may not be capable …   Wikipedia

  • OpenID — The OpenID logo OpenID is an open standard that describes how users can be authenticated in a decentralized manner, eliminating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital… …   Wikipedia

  • Comparison of instant messaging protocols — Basic general information about the protocols: creator, version, amongst others. Protocol Creator First public release date License Identity (not inc. alias) Asynchronous message relaying Transport Layer Security Unlimited number of contacts… …   Wikipedia

  • List of characters in Chaotic — This is a list of characters in the TV series Chaotic. Contents 1 Main characters 1.1 Tom Majors 1.2 Kaz Kalinkas 1.3 Sarah Cornwell …   Wikipedia

  • List of minor humans (Animorphs) — This page details the minor role humans from the Animorphs series. Contents: Top · 0–9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z A Allison Kim …   Wikipedia

  • List of minor characters of Scrubs — The following are a list of minor characters from the American comedy drama Scrubs . Recurring charactersThese cast members have appeared in numerous episodes but remain credited as guest stars. Jordan Sullivan Ted Buckland Keith Dudemeister Dr.… …   Wikipedia

  • E-mail address — An e mail address identifies a location to which e mail messages can be delivered. An e mail address on the modern Internet looks like, for example, jsmith@example.com and is usually read as jsmith at example dot com . Many earlier e mail systems …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”