Nobody (username)

Wikipedia, the free encyclopedia

In many Unix variants, "nobody" is the conventional name of a user account that owns no files, is in no privileged groups, and has no abilities except those that every other user has.

It is common to run daemons, especially servers, as nobody in order to limit the damage that could be done by a malicious user who gained control of them. However, the usefulness of this technique is reduced if more than one daemon is run this way, because gaining control of one daemon would then provide control of them all. The reason is that nobody-owned processes can send signals to each other and even (on Linux) ptrace each other. Creating one account for each daemon, as recommended by the Linux Standard Base, provides for a tighter security policy.
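An audit for the situation described above, as an added example that is not part of the original article: it reads `/proc/<pid>/status` on Linux and reports when more than one distinct daemon runs under the nobody account. The function names, the sample process table and the UID 65534 used for nobody in the sample are assumptions made for illustration.

```python
import os

def parse_status(text):
    """Return (name, effective_uid) from the text of /proc/<pid>/status."""
    fields = dict(line.split(":", 1) for line in text.splitlines() if ":" in line)
    # "Uid:" holds four numbers: real, effective, saved, filesystem.
    return fields["Name"].strip(), int(fields["Uid"].split()[1])

def live_procs(proc_root="/proc"):
    """Yield (pid, name, euid) for every process visible under /proc (Linux)."""
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "status")) as fh:
                name, euid = parse_status(fh.read())
        except (OSError, KeyError, ValueError, IndexError):
            continue  # process exited while we were reading it
        yield int(entry), name, euid

def daemons_sharing_uid(procs, uid):
    """Return the distinct program names running as uid, or [] if at most one.

    Several workers of one daemon count once: the concern is different
    daemons that can signal each other because they share an account.
    """
    names = {name for _pid, name, euid in procs if euid == uid}
    return sorted(names) if len(names) > 1 else []

# Constructed sample data: a status excerpt and a small process table.
SAMPLE_STATUS = ("Name:\tnginx\nState:\tS (sleeping)\nPid:\t812\n"
                 "Uid:\t65534\t65534\t65534\t65534\n")
SAMPLE_PROCS = [
    (1, "init", 0), (640, "sshd", 0),
    (811, "nginx", 65534), (812, "nginx", 65534),  # two workers, one daemon
    (903, "memcached", 65534),                     # second daemon as nobody
    (950, "ntpd", 123),                            # daemon with its own account
]

if __name__ == "__main__":
    import pwd
    try:
        procs, uid = list(live_procs()), pwd.getpwnam("nobody").pw_uid
    except (OSError, KeyError):  # no /proc, or no "nobody" account
        procs, uid = SAMPLE_PROCS, 65534
    shared = daemons_sharing_uid(procs, uid)
    print("nobody is shared by:", ", ".join(shared) if shared else "no two daemons")
```

Each name it reports is a candidate for a dedicated account of its own.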


Wikipedia, the free encyclopedia © 2001-2006 Wikipedia contributors (Disclaimer)
This article is licensed under the GNU Free Documentation License.
Last updated on Wednesday September 12, 2007 at 02:51:24 PDT (GMT -0700)