|
Background: I remember at my old place of employment how the web server admin would always make me change the httpd-accessible file upload directories so that they were owned by apache:apache or nobody:nobody.
He said this was for security reasons.
Question...
Started by dreftymac on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
Now, a file or directory owned by apache or nobody security implications by changing the effective user for apache to "nobody", unless you have other it shouldn't just be left as "apache....
Access, then they would have to be world writeable.
|
|
Background: I remember at my old place of employment how the web server admin would always make me change the httpd-accessible file upload directories so that they were owned by apache:apache or nobody:nobody.
He said this was for security reasons.
Question...
Started by dreftymac on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
It is effectively.
The ownership of the httpd daemon runs under nobody:nobody or apache:apache.
|
|
This is on a CentOS machine. I'm trying to run a script as user nobody (or as a user with minimal permissions) at a certain time every day. Here is nobody:
[root@CentOS % ~] grep "^nobody" /etc/passwd nobody:x:99:99:Nobody:/:/sbin/nologin
here's what ...
Started by pica on
, 5 posts
by 4 people.
Answer Snippets (Read the full thread at superuser):
Crontab:
15 17 * * * nobody /usr/local/bin/bashscript.sh
Workaround instead of a real answer:
You can add a comment to your crontab
**#see crontab -u nobody -l for something that runs everyday at 1:15 AM**
and then just add an entry to....
|
Ask your Facebook Friends
|
Is it true that "Nobody should be using MFC any more"
And why is that?
Started by ju on
, 6 posts
by 6 people.
Answer Snippets (Read the full thread at stackoverflow):
There were always better technologies....
Arguably, no-one should ever have used MFC (speaking as someone who has been exposed to it since MFC 1.0) .
It is just an older technology: there are newer, shinier technologies out there that are far easier to use.. .
|
|
So how can anyone argue about it, huh?
Started by Bodhimalik on
, 17 posts
by 9 people.
Answer Snippets (Read the full thread at ilovephilosophy):
Been a problem to the moderator from the "da bible belt" until I mentioned that nobody can prove.
|
|
Hello ALl,
I have XAMPP server installed on Red hat . I find the when ever I execute PHP scripts it executes from the owner of "nobody".
Now the problem is I need to use sudo to run some process inside the PHP script . if i use sudo , this owner "nobody...
Answer Snippets (Read the full thread at serverfault):
What you want is probably this sudo parameter, but I don't think it's a good idea too:
nobody ALL.
|
|
I have a daemon sitting in my root directory that currently is being run as root. However, since this program can read the file system, this is clearly a security problem. How can I run it as nobody so that I can resolve this problem?
Doing "su - nobody...
Started by Chris Bunch on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
If you're really concerned about security you don't want.
As "nobody" -- there's an old joke that nobody is usually the most privileged user on a *NIX system because all the daemons run as "nobody".
|
|
I want a user-privileged (not root) process to launch new processes as user "nobody". I've tried a straight call to setuid that fails with -1 EPERM on Ubuntu 8.04:
#include <sys/types.h> #include <unistd.h> int main() { setuid(65534); while...
Started by jldugger on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
Another option is that she will do chown nobody and....
This will work for both scripts and binary executables.
Or, you can have your executable have the suid bit set up on it, and have it owned by nobody it as with sudo -u nobody .
|
|
It. again and again till I get it riight. Nobody's perfect. You live and love it. And everybody makes mistakes.
Started by What on
, 4 posts
by 4 people.
Answer Snippets (Read the full thread at gaiaonline):
Thats a lot of words for not really having said anything rolleyes that just means you gotta work harder towards perfections .
|
|
We have an Ubuntu 9.04 server running samba with null passwords and home directory shares, and we have corresponding users that mount said shares on windows machines. Essentially, each user has an account on the server (with the same username as on their...
Started by EvanK on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
In addition to the user needing an account on the linux machine, they also had to be added to... .
As it turns out, the answer was deceptively simple.
See if jdoe is a member (along with everybody else) .
On my system, there is a group called "sambashare".
|