Finding Low Privileged User - Unix

This is a discussion on Finding Low Privileged User - Unix ; Is there a tried and true method for finding the low privileged user on a system? Most systems have a user like 'nobody' but not all. Is there another user with no shell and no home dir that is ALWAYS ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Finding Low Privileged User

  1. Finding Low Privileged User

    Is there a tried and true method for finding the low privileged user on
    a system? Most systems have a user like 'nobody' but not all. Is there
    another user with no shell and no home dir that is ALWAYS present or is
    there a way to find such a user?

    I want to streamline my product installer but I think creating a user
    is a little obnoxious.

    Mike


  2. Re: Finding Low Privileged User

    Michael B Allen wrote:
    > Is there a tried and true method for finding the low privileged user on
    > a system? Most systems have a user like 'nobody' but not all. Is there
    > another user with no shell and no home dir that is ALWAYS present or is
    > there a way to find such a user?
    >
    > I want to streamline my product installer but I think creating a user
    > is a little obnoxious.

    What I have often seen is that the installer will ask what
    a good user is and perhaps try and default to 'nobody' or something similar.

  3. Re: Finding Low Privileged User

    >Is there a tried and true method for finding the low privileged user on
    >a system? Most systems have a user like 'nobody' but not all. Is there
    >another user with no shell and no home dir that is ALWAYS present or is
    >there a way to find such a user?


    THe lowest privileged user is one that is not in use by any other
    program. If it's in use by another program, it has privileges
    associated with that (processes using it that can be killed, files
    it can delete, etc.). The only way you can be sure it's not in use
    by any other program is to create it yourself. The current uses
    of "nobody" ought to be split up between "nobody000" thru "nobody999".

    >I want to streamline my product installer but I think creating a user
    >is a little obnoxious.



+ Reply to Thread