> Ok, the example wasn't good. > It was a long day for me, thus, please forgive me that slip-up. > This is certainly a much better example, but: > On example, many httpd servers works with the same privilages, > it means that you can read any CGI temporary file, and other > files readable only by CGI scripts. httpd servers shouldn't be running as user nobody they should be running as user www or something similar. > I think about a case where a CGI script saves some important > information in a temporary file, like PHP do with the sessions: > > -rw------- 1 nobody nobody 329 May 14 12:16 /tmp/sess_0cd156a633 The bug is in one of PHP/CGI/httpd NOT in in.fingerd. nobody has a very special meaning, it is the user id that root gets mapped to over NFS. It was created for that reason and that reason alone, it is NOT a general purpose account to run daemons or cgi or anything else under. If applications need to run as a user other than root then they should have a user for that application, eg Oracle DB server runs as the user oracle. in.fingerd is a special case and it is running as nobody explicitly because there should be no sensitive files that are owned by the nobody user. If you have a system where there are local files that are owned by nobody then you have a configuration error or a bug in another application but it isn't in.fingerd's problem. -- Darren J Moffat
This archive was generated by hypermail 2b30 : Mon May 28 2001 - 13:39:22 PDT