[Techtalk] Web Server User
Raquel Rice
raquel at thericehouse.net
Sat Oct 15 10:31:22 EST 2005
On Fri, 14 Oct 2005 17:16:11 -0700
Cynthia Kiser <cnk at ugcs.caltech.edu> wrote:
> I run a pretty vanilla apache (no cgi) so can't tell you if there
> is no reason - but my user 'nobody' has the standard daemon
> non-shell shell (/sbin/nologin) and everything is running fine.
> Pretty sure it installed that way on my RedHat system.
> --
> Cynthia N. Kiser
Thanks.
I had some a**hole from Romania trying to inject some code using a
vulnerability in TWiki. I'm lucky that I run Apache as www-data ...
a non-privileged user in Debian ... because he's been giving me
fits. He was leaving tracks all over too. I got rid of the shell
for that account. Now I'll have to test everything I run to see if
it's affected by shutting off the shell for that user. It sure
stopped him dead in his tracks though! ;-)
--
Raquel
============================================================
Live your life so that your children can tell their grandchildren
that you not only stood for something wonderful - you acted on it.
--Dan Zadra, CEO Compendium, Inc.
More information about the Techtalk
mailing list