startup error for pflogd

Martin P. Hellwig mhellwig at
Mon Jun 21 16:32:44 GMT 2004

Michael Reifenberger wrote:

> On Mon, 21 Jun 2004, Max Laier wrote:
> ...
>> I'll try to explain the reasoning behind this. If there are a zillion
>> processes all owned by nobody:nogroup and an attacker manages to obtain
>> control over one of them, the rest might be easy/easier prey. The 
>> evildoer
>> will have better chances to obtain critical resources and maybe root 
>> in the
>> end.
>> This might seem like OpenBSD/paranoia, but my opinion on it is: It's 
>> done so
>> why not port it over? It also helps to keep the diff down (which 
>> means less
>> work).
> Wouldn't it make sense to add all _<service> users at once then?
Yes voter for this one , from my limited user perspective  this seems 
the logical thing to do.


$ /usr/local/etc/rc.d/
$ Usage, mix UNIX with: {politics|religion|both(=GNU/Linux)}

More information about the freebsd-current mailing list