Gary Winiger wrote: >> In addition to running as daemon it is also recommended to remove the >> basic privileges proc_info and proc_session which gives a lot of the >> benefits of running as a different uid for each process. >> >> This has all been covered in previous cases that dealt with uid allocation. >> >> Maybe I should write it up in a best practice. >> > > I don't want to stray too far off course with this. I will note > we could ask Joe about noaccess, and let's continue the archeology > off line: > You're kidding... :-)
It came from New Jersey. I think it came from us via NFS (as suggested), but there is nothing in this set of deltas to indicate that. Yea, a "best practice" would be good. - jek3 > shadow: > 1.4 > 17 lines > No id keywords (cm7) > noaccess:NP:6445:::::: > > D 1.4 90/04/24 01:09:41 jek3 13 11 00003/00001/00014 > MRs: > COMMENTS: > k18.2 Merge; matches passwd; retains lp uid > jek3 Fri Apr 20 19:41:02 1990 > > passwd: > 1.4 > 17 lines > No id keywords (cm7) > noaccess:x:60002:60002:uid no access:/: > > D 1.4 90/04/24 01:09:45 jek3 13 11 00003/00001/00014 > MRs: > COMMENTS: > k18.2 merge - retained lp uid and nuucp as 9 - k18.2 adds nobody > and noaccess > jek3 Fri Apr 20 19:38:42 1990 > > shadow: > 1.11 > noaccess:*LK*:6445:::::: > 14 lines > No id keywords (cm7) > D 1.11 03/10/10 14:15:45 darrenm 21 20 00004/00003/00010 > MRs: > COMMENTS: > PSARC/2003/592 Clarification of nobody account usage > 4862399 nobody account in /etc/passwd should have an account description > PSARC/2003/405 Sun ONE WebServer reserved uid/gid > 4926183 webservd uid 80 gid 80 should be in the default > passwd/shadow/group file > > Gary.. > >
