Rob Kudyba wrote: > > Not using spamc at the moment. Running spamd as user nobody. > > nobody 16877 0.0 1.1 26356 5848 ? S Apr08 0:01 > /usr/local/bin/perl -T -w /usr/local/bin/spamd -u nobody -d -x -D > nobody 16878 0.0 4.0 30208 20712 ? S Apr08 1:07 spamd > child > nobody 16879 0.0 4.1 30308 21132 ? S Apr08 1:09 spamd > child > nobody 16880 0.0 4.0 29832 20816 ? S Apr08 1:09 spamd > child > nobody 16881 0.0 4.0 30048 20916 ? S Apr08 1:09 spamd > child > nobody 16882 0.0 4.0 29792 20848 ? S Apr08 1:08 spamd > child > > in /etc/passwd: > nobody:x:99:99:Nobody:/:/sbin/nologin > > So I'm guessing a fix would be: > mkdir /home/nobody > STOP!!!!!! DO NOT UNDER ANY CONDITION GIVE NOBODY A HOME DIRECTORY THAT IT CAN WRITE TO.
You WILL reduce the security of your server if you do so. Nobody is NOT intended to have a writable home directory. Many applications revoke privilege to nobody, and they gain added strength against attack from this feature of the account. Do not weaken the security of other apps on your system to fix this. Instead, do as I suggested create a dedicated deprivileged user, and use that instead of nobody. >
