https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749047#M69710 It's not a good idea. Named has to be able to read a lot of files: /etc/resolf.conf, /etc/nsswitch.conf, /etc/hosts, /etc/named.boot (or /etc/named.conf) and all your DNS files. <BR /><BR />You'll also run into directory permissions in /var/run.<BR /><BR />HTH<BR />mark Thu, 20 Jun 2002 15:05:36 GMT Mark Greene_1 2002-06-20T15:05:36Z https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749046#M69709 Hi,<BR />I want to know if someone has never started the process named (DNS process) with the user NOBODY. And which are the benefit to do it ?<BR />I've another little things: On my machine there are some NFS file system....<BR />I'm runnig on HPUX 11.0<BR />Thanks a lot<BR />Fabrizio Thu, 20 Jun 2002 14:52:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749046#M69709 Fabrizio Alleva 2002-06-20T14:52:36Z https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749047#M69710 It's not a good idea. Named has to be able to read a lot of files: /etc/resolf.conf, /etc/nsswitch.conf, /etc/hosts, /etc/named.boot (or /etc/named.conf) and all your DNS files. <BR /><BR />You'll also run into directory permissions in /var/run.<BR /><BR />HTH<BR />mark Thu, 20 Jun 2002 15:05:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749047#M69710 Mark Greene_1 2002-06-20T15:05:36Z https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749048#M69711 I try to run it as user named on linux system but start having trouble and then when I start using root I have no more trouble.<BR /><BR />Sachin Thu, 20 Jun 2002 15:37:03 GMT https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749048#M69711 Sachin Patel 2002-06-20T15:37:03Z https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749049#M69712 Fabrizio,<BR /><BR />From what I've read it's good practice to Run BIND with minimum privileges: as a non-root user, with a tight umask. Take a look at the following paper that describes a secure install on Solairs:<BR /><BR /><A href="http://www.boran.com/security/sp/bind_hardening8.html" target="_blank">http://www.boran.com/security/sp/bind_hardening8.html</A><BR /><BR />If you are trying to further secure your BIND installation, I would recommend the following:<BR /><BR />1. Create a user and group account for BIND (named:named)<BR /><BR />2. Don't allow the BIND account to use ftp (/etc/ftpusers)<BR /><BR />3. Set up file permissions on all assoicated named files and directories.<BR /><BR />The paper further describes these steps.<BR /><BR />Hope that helps.<BR /><BR />-Mike Thu, 20 Jun 2002 15:42:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749049#M69712 Mike Hassell 2002-06-20T15:42:56Z https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749050#M69713 Hello,<BR />You are telling that you have some NFS file systems.<BR />Might be someone has started some processes from that.<BR />Whenever you access a remote file system you are assigned as user nobody.<BR /><BR />Thanks Fri, 21 Jun 2002 02:50:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/starting-process-named-as-nobody/m-p/2749050#M69713 T G Manikandan 2002-06-21T02:50:36Z