[arch-general] [arch-dev-public] Snort UID / GID
hugodoria at gmail.com
Thu Jul 17 14:13:41 EDT 2008
The problem of using the user "nobody" is that if it is used for
various services, and one of these is compromised it can also affect
IMHO, we have two options:
1) Create a "snort" user/group and provide a package with fewer
privileges by default (users can change that if they want)
2) Run snort as "nobody" and put a message in snort.install showing
how to change the user/group that snort runs.
I think the first option is better.
More information about the arch-general