startup error for pflogd
Charles Swiger
cswiger at mac.com
Mon Jun 21 17:02:40 GMT 2004
On Jun 21, 2004, at 10:39 AM, Max Laier wrote:
> On Monday 21 June 2004 10:57, Michael Reifenberger wrote:
>> As it seems is OpenBSD aggressivly using "_<service>" users.
>> Is this something we should follow?
>
> I'll try to explain the reasoning behind this. If there are a zillion
> processes all owned by nobody:nogroup and an attacker manages to obtain
> control over one of them, the rest might be easy/easier prey. The
> evildoer
> will have better chances to obtain critical resources and maybe root
> in the
> end.
Certainly it's a good idea to run different services under seperate
users where possible, for exactly the reasons you describe: it helps
reduce the window of vulnerability if one service is compromised.
However, please note that no processes should be running as nobody, nor
should any files be owned by nobody. 'nobody' exists so that NFS can
map unknown and/or untrusted remote root users to a safe UID which is
not used anywhere else in the system. Using 'nobody' for other
purposes can be risky.
--
-Chuck
More information about the freebsd-current
mailing list