|
Background: I remember at my old place of employment how the web server admin would always make me change the httpd-accessible file upload directories so that they were owned by apache:apache or nobody:nobody.
He said this was for security reasons.
Question...
Started by dreftymac on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
Now, a file or directory owned by apache or nobody security implications by changing the effective user for apache to "nobody", unless you have other it shouldn't just be left as "apache....
Access, then they would have to be world writeable.
|
|
Background: I remember at my old place of employment how the web server admin would always make me change the httpd-accessible file upload directories so that they were owned by apache:apache or nobody:nobody.
He said this was for security reasons.
Question...
Started by dreftymac on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
It is effectively.
The ownership of the httpd daemon runs under nobody:nobody or apache:apache.
|
|
This is on a CentOS machine. I'm trying to run a script as user nobody (or as a user with minimal permissions) at a certain time every day. Here is nobody:
[root@CentOS % ~] grep "^nobody" /etc/passwd nobody:x:99:99:Nobody:/:/sbin/nologin
here's what ...
Started by pica on
, 5 posts
by 4 people.
Answer Snippets (Read the full thread at superuser):
Crontab:
15 17 * * * nobody /usr/local/bin/bashscript.sh
Workaround instead of a real answer:
You can add a comment to your crontab
**#see crontab -u nobody -l for something that runs everyday at 1:15 AM**
and then just add an entry to....
|
Ask your Facebook Friends
|
Is it true that "Nobody should be using MFC any more"
And why is that?
Started by ju on
, 6 posts
by 6 people.
Answer Snippets (Read the full thread at stackoverflow):
There were always better technologies....
Arguably, no-one should ever have used MFC (speaking as someone who has been exposed to it since MFC 1.0) .
It is just an older technology: there are newer, shinier technologies out there that are far easier to use.. .
|
|
Hello ALl,
I have XAMPP server installed on Red hat . I find the when ever I execute PHP scripts it executes from the owner of "nobody".
Now the problem is I need to use sudo to run some process inside the PHP script . if i use sudo , this owner "nobody...
Answer Snippets (Read the full thread at serverfault):
What you want is probably this sudo parameter, but I don't think it's a good idea too:
nobody ALL.
|
|
I have a daemon sitting in my root directory that currently is being run as root. However, since this program can read the file system, this is clearly a security problem. How can I run it as nobody so that I can resolve this problem?
Doing "su - nobody...
Started by Chris Bunch on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
If you're really concerned about security you don't want.
As "nobody" -- there's an old joke that nobody is usually the most privileged user on a *NIX system because all the daemons run as "nobody".
|
|
I want a user-privileged (not root) process to launch new processes as user "nobody". I've tried a straight call to setuid that fails with -1 EPERM on Ubuntu 8.04:
#include <sys/types.h> #include <unistd.h> int main() { setuid(65534); while...
Started by jldugger on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
Another option is that she will do chown nobody and....
This will work for both scripts and binary executables.
Or, you can have your executable have the suid bit set up on it, and have it owned by nobody it as with sudo -u nobody .
|
|
We have an Ubuntu 9.04 server running samba with null passwords and home directory shares, and we have corresponding users that mount said shares on windows machines. Essentially, each user has an account on the server (with the same username as on their...
Started by EvanK on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at serverfault):
In addition to the user needing an account on the linux machine, they also had to be added to... .
As it turns out, the answer was deceptively simple.
See if jdoe is a member (along with everybody else) .
On my system, there is a group called "sambashare".
|
|
Selling Shibuya Nobody >Quote: THIS AND ADD OFFER biggrin biggrin biggrin
Started by -28 Shattered Hopes- on
, 11 posts
by 4 people.
Answer Snippets (Read the full thread at gaiaonline):
|
|
How can I prevent external users from somehow getting a list of files that are on my machine?
For instance, My website is in folder /htdocs/ and I have some other random documents in there too.
How do I make sure that the user can only see the site and...
Started by WebDevHobo on
, 4 posts
by 4 people.
Answer Snippets (Read the full thread at serverfault):
With Apache, you can create a .htaccess file like this:
Options -Indexes
For more details, check out How to Prevent a Directory Listing of Your Website with .htaccess
assuming apache look at this page for some good security tips
in specific add to httpd... .
|
