user nobody and test suites

Robert Connolly robert at linuxfromscratch.org
Tue Mar 27 19:32:04 PDT 2007


On Monday March 26 2007 02:41, Bruce Dubbs wrote:
> One of the reasons for LFS and BLFS is to explain what is gong on.  If
> there is no technical merit to it and there are reasons against it, then
> "we have always done it that way" is insufficient.

Okay, fair enough. 'nobody' isn't a human user and so should be kept with the 
system and administrative users, below ID 100.

As for /bin/false vs /sbin/nologin, an `su nobody`, or 'named' or something 
else, with a /bin/false shell will return an error code, but no error 
message. It's not clear why the login failed. Silent rejection is usually 
appropriate for malicious use, but this is more like careless use and 
deserves an error message.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-dev/attachments/20070327/741a983c/attachment.sig>


More information about the lfs-dev mailing list