> On 2011 Oct 04 (Tue) at 12:00:08 -0600 (-0600), Theo de Raadt wrote:
> > > note the definition of def_anon in mountd.c, that one has a uid/gid of -2, now
> > > this might be a problem I suppose.
> > >
> > > However, for the nobody case. If you are mapping to nobody, mountd will populate
> > > the exportlist correctly for the anonymous user (with the nobody information)
> > > and pass that to the kernel, where there is some messing about...
> >
> > I don't think this changes anything regarding the master.passwd commit.
> >
> > Obviously nobody isn't just for NFS. It is used by locate, too.
> I don't know what locate is doing with nobody.
>
> What seems to be lost here, is that up to a point the nobody and NFS is
> analogous to _daemon/daemon.
>
> So, that's the point of nobody and that's why there is a linkage between
> NFS and nobody.
I think you've not read the diff that was committed.
master.passwd used to say:
"Unprivileged user for NFS".
But locate uses that login, too. If it wanted to be very truthful, it could say
"Unprivileged user for NFS and locate(1)".
Or it can just say
"Unprivileged user".
That is what was committed.