Hi, I have a question about the purpose of the nobody user.
The Debian wiki suggests that nobody:nogroup can be used as a general-purpose unprivileged user: https://wiki.debian.org/SystemGroups However, this Stack Exchange answer: https://askubuntu.com/a/674397 and the Ubuntu wiki: https://wiki.ubuntu.com/nobody and the LSB: https://refspecs.linuxbase.org/LSB_3.0.0/LSB-PDA/LSB-PDA/usernames.html all seem to contradict this and suggest that in should be reserved for NFS purposes only. I have checked the Debian policy manual for an authoritative answer, but it does not say anything apart from that nobody must exist and have the id 65534. So can someone please enlighten me as to which might be correct? The reason for my question is this: I am writing a process which runs as root, but needs to fork a helper program which does not require file system access at all and will perform I/O through pipes to the parent. Is is sensible to change the id of that process to nobody before calling exec for the helper? If not, is there a better value? daemon(uid 1) for example? Many thanks, Tom
