What is nobody user under Unix/Linux OS?

Windows will automatically create some user accounts after installation, in Linux also has some user accounts after system installation, just like the built-in accounts in Windows.

They are commonly used to complete specific tasks, such as nobody and ftp, etc. When we visit some website, the server of the website is to allow customers to log in as ‘nobody‘ (equivalent to anonymous accounts in the Windows system); when we anonymously access ftp server, we will use the user ftp or nobody.

First, nobody user is a normal user, not a privileged user. The ‘purpose’ of using the nobody is to allow anyone to log in to the system, but its UID and GID do not provide any privileges, which the uid and gid can only access files that everyone can read and write to.

Second, many systems routinely create a nobody by default, try to ‘limit its privileges to a minimum’, and when the server is served to the unknown people, it may allow the client to log in as a nobody.

Nobody user is a general account, because the default login shell is /sbin/nologin, so this user is unable to log into the system directly, that is, it is difficult for hackers to connect to your server through the vulnerability to do damage. In addition, the privileges of this user are also configured to be very low. So there is a high level of security. Everything is given only minimum privileges. That’s the point of nobody’s existence.

RSS