3

When I was first learning Linux I recall reading that because it is so widely used, "nobody" is (jokingly?) known as the "second most privileged user, after root" on Unix machines.

A quick google search seems to corroborate that it is a common saying, not just a quirk of the author I was reading.

Why is this a common saying? Is it really true?

Wildcard
  • 36,499
  • 1
    probably because nobody owns a lot of files...so if you can manage to login or run a shell as nobody you've got write access to some/all/most of them. – cas Mar 25 '16 at 04:29
  • I don't get it. In wikipedia it is written: In many Unix variants, "nobody" is the conventional name of a user account which owns no files, is in no privileged groups, and has no abilities except those which every other user has. Some systems also define an equivalent group "nogroup". – Mostafa Ahangarha Mar 25 '16 at 06:43
  • 3
    An important aspect that is also mentioned in the answer to "What is nobody user and group?" but was not stated here: It has exactly the same abilites as an user. Every process is allowed to e.g. kill processes owned by the same user. If you run multiple services as nobody any of them can interfere with the other ones. – cg909 Mar 13 '17 at 02:56

1 Answers1

4

Sometime Linux distributions incorrectly implement the standards and assign files to the user nobody. In that case programs have access to a bunch of files which are not for them.

According to the standards, the user nobody shouldn't own any files and it should only be used to run programs which don't need to have privileges.

Nevertheless, the more secure option would be to have a separate user for each program which needs to run software without privileges.

Bogdan
  • 976