[distcc] Re: Red Hat packaging patch for 0.15

Jean-Eric Cuendet jean-eric.cuendet at linkvest.com
Tue Dec 17 11:34:00 GMT 2002


>
>
>The only problem with using `nobody' for distcc is that some sites may
>similarly use `nobody' for the uid under which other daemons run.
>Thus, distcc, Amanda, Squid and others could all notionally read/write
>each others' files.
>
That *could* be a security treat.
But running under nobody is *better* than under root, in all condition!
User nobody shouldn't have files.
But a solution could be:
- If distcc user *already* exists, use it in xinetd script
- If distcc user is not available, use nobody
- If nobody user is not available, use root

No?
-jec






More information about the distcc mailing list