[Shr-Devel] Security features of SHR

Werner Almesberger werner at openmoko.org
Fri May 28 01:05:04 CEST 2010

Shaz wrote:
> Issue for the community that what user name or id to give for standard
> system services and utilities.

Traditional choices for "service users" include "daemon", "nobody",
<service-name>, depending on what you're after. <service-name> can
be something like "mail", "uucp", "dhcp", etc.

To prevent this sort of unprivileged "users" from owning too much
important stuff (not only files, but also processes - think kill
and strace attacks from an easily compromised unimportant "nobody"
service against a more valuable one), it's usually best to give
each its own user ID.

For a default "real user", if there's any chance that there may be
multiple users on the system, the system should probably just ask,
e.g., when getting the initial user password.

If the system is truly single-user and the user/root separation is
purely technical, then something like "user", would work.

- Werner

More information about the openmoko-kernel mailing list