You are not logged in.

#1 2004-11-07 07:59:11

Father
Member
From: Australia
Registered: 2004-06-01
Posts: 209

`nobody' home directory is `/' ?!

i could be wrong about this, so feel free to tell me if i am..

the `nobody' user can be used to prevent unauthorised access in certain situations.
on other distros ive seen, the default home directory is something like
/usr/share/nobody
or
/usr/share/empty

that way, they are chrooted into an empty directory and have no files they can tamper with

on arch however, the nobody user has the following line (in /etc/passwd)
nobody:x:99:99:nobody:/:
its home directory is `/'

isnt that a little dangerous??

Offline

#2 2004-11-07 08:14:36

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

Re: `nobody' home directory is `/' ?!

i think the / is the program to execute (ie, none) and the field before (nobody) is the directory. but i might be wrong too wink

Offline

#3 2004-11-07 08:43:09

Father
Member
From: Australia
Registered: 2004-06-01
Posts: 209

Re: `nobody' home directory is `/' ?!

nah,
nobody:x:99:99:nobody:/:
the second last : field is the home directory, ie / in this case
after that is the shell, im assuming that means the default, which would be /bin/bash

Offline

#4 2004-11-07 09:04:16

z4ziggy
Member
From: Israel
Registered: 2004-03-29
Posts: 573
Website

Re: `nobody' home directory is `/' ?!

yes, u right, i got mixed with the fields wink u better wait for someone who knows  roll

Offline

#5 2004-11-07 15:23:55

i3839
Member
Registered: 2004-02-04
Posts: 1,185

Re: `nobody' home directory is `/' ?!

Father wrote:

that way, they are chrooted into an empty directory and have no files they can tamper with

[....]

isnt that a little dangerous??

What files a user can change is determined by the files' permission settings, not by the user's homedir. The homedir only tells what the initial working directory when a user logs in is, nothing else, it doesn't implicit writing or even reading access. So no, it's not dangerous, not even a little.

Offline

Board footer

Powered by FluxBB