Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Ownership of files in var being changed without my knowledge.

  1. #11
    Join Date
    Jun 2020
    Beans
    83
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Ownership of files in var being changed without my knowledge.

    But what is happening with me is unusual and as you said "The user account nobody is sometimes used by processes that voluntarily drop their user priviledges so they can't do damage even if they get compromised"- is this because something wrong has entered in my system or what?

  2. #12
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,904
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Ownership of files in var being changed without my knowledge.

    Quote Originally Posted by EngineerStrange View Post
    But what is happening with me is unusual and as you said "The user account nobody is sometimes used by processes that voluntarily drop their user priviledges so they can't do damage even if they get compromised"- is this because something wrong has entered in my system or what?
    No. It's standard procedure. A safety measure out of the box. Many processes, services and programs will drop all priviledges when they don't need them and then make use of "nobody".

    There used to be a time (1980's) when everything on Unix (the spiritual ancestor of Linux) was running as "root" and every service that was available on the system was turned on by default. Many of those network services have completely fallen out of use exactly because they turned out to be such security nightmares and had more holes than a Swiss cheese, e.g. telnet, rsh, rlogin, rcp, finger, ftp, many others.

    Back then Unix viruses such as the legendary "Morris Worm" were a thing.

    Developers soon realised that running programs and services with way too many priviledges was a bad thing and most of the time is totally not necessary. Turning every available service on a system on per default was seen as a horribly bad idea too. So this all changed.

    The solution was the invention of the "nobody" account and implementing processes and services in such a way that they would drop their rights to "root" and become "nobody" whenever they can. And all these unsafe services were either abolished completely or replaced with massively safer and encrypted alternatives such as SSH (which replaces rsh, rlogin, rcp, ftp and telnet ...).

    When Linux was created in the early 1990's it adopted those changes too and that's where we are at today.
    Last edited by scorp123; July 28th, 2021 at 03:38 AM.

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •