[arch-general] [arch-dev-public] Snort UID / GID

RedShift redshift at pandora.be
Fri Jul 18 04:46:17 EDT 2008


Aaron Griffin wrote:
> On Thu, Jul 17, 2008 at 10:40 AM, Hugo Doria <hugodoria at gmail.com> wrote:
>> Thus this way snort can work out of the box with less privileges.
>> Anyone who wants can put snort to run with another user.
>>
>> And, in any case, this email was just a question.
> 
> I don't see why people have such an issue with creating UIDs/GIDs out
> of the box. I don't have a problem with it, as long as we don't do it
> on every flippin package under the sun. Is it possible to use 'nobody'
> for snort, or is there a security risk there too?
> 
> 
> 

What if I want to run snort under for example "security_user". Now I have a cluttered passwd file due to the post-install script. And if I manually remove the snort user, the pre-remove will probably error out too.

Glenn




More information about the arch-general mailing list