The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Top Forums > UNIX for Advanced & Expert Users
Reload this Page Application Servers Installation and Users
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read



Thread: Application Servers Installation and Users
View Single Post in the UNIX and Linux Forums - Click on the Thread or Permalink to View Entire Thread -->
  #2 (permalink)  
Old 04-09-2008
era era is offline Forum Advisor  
Herder of Useless Cats (On Sabbatical)
  
 

Join Date: Mar 2008
Location: /there/is/only/bin/sh
Posts: 3,652
Debian policy call these "system users" but there's not much on the topic in there. Debian Policy Manual - The Operating System

AccountHandlingInMaintainerScripts - Debian Wiki also has some discussion from a Debian perspective.

I'm not saying Debian is necessarily the best role model but they tend to have documentation for these kinds of things. Turns out even they don't have much.

I believe the recommendation for e.g. Apache is actually to have two different accounts, where www-data owns the actual files served by the application, and apache (I guess) is the account which runs the daemon. The reasoning is that if the daemon is broken into, you have partitioned the ownerships so that it can't damage the files (it only need to read them to serve them, after all).