Nobody (username)

In many Unix variants, "nobody" is the conventional name of a user account which owns no files, is in no privileged groups, and has no abilities over and above those which every user has.

It is common to run daemons, especially servers, as nobody in order to limit the damage that could be done by a malicious user who gained control of one. However, the usefulness of this technique is reduced if more than one daemon is run this way, because gaining control of one daemon would then provide control of them all: processes running as nobody can send signals to each other and even (on Linux) ptrace each other. Creating one account for each daemon provides for a tighter security policy, and is specified by the Linux Standard Base.[1]
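As an added example (not part of the original article), the following shell functions check a process listing for the situation described above: several different daemons sharing one account such as nobody. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: find out whether one account is shared by several daemons.
# Input is "USER PID COMMAND" lines, the layout printed by
#   ps -e -o user= -o pid= -o comm=

# Constructed sample listing; not captured from a real host.
SAMPLE_PS='root 1 init
nobody 412 httpd
nobody 413 httpd
nobody 520 tftpd
nobody 733 memcached
ntp 601 ntpd'

# commands_for_account ACCOUNT
# Reads ps-style lines on stdin and prints one line per distinct command
# running under ACCOUNT, followed by its PIDs: "httpd 412,413".
# Only the first word of the command name is used.
commands_for_account() {
    awk -v acct="$1" '
        $1 == acct && NF >= 3 {
            if ($3 in pids) pids[$3] = pids[$3] "," $2
            else            pids[$3] = $2
        }
        END { for (c in pids) print c, pids[c] }
    ' | sort
}

# account_is_shared ACCOUNT
# Exit status 0 when two or more different commands run under ACCOUNT,
# i.e. control of one of them gives signal (and on Linux ptrace) access
# to the others. Several workers of the same daemon do not count.
account_is_shared() {
    n=$(commands_for_account "$1" | awk 'END { print NR }')
    [ "$n" -gt 1 ]
}

# Live use on a host (not run here):
#   ps -e -o user= -o pid= -o comm= | account_is_shared nobody \
#       && echo "nobody is shared: give each daemon its own account"
```

Each command listed for a shared account is a candidate for its own dedicated account.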

References

  1. Linux Standard Base, Core Specification 3.1, section 21.2: User & Group Names