Postfixx5151Postfix Daemonvarspoolpostfixbinfalse

This is the postfix daemon, which looks after mail. This user can't log in because its shell is /bin/false, but its home directory is /var/spool/postfix, and it owns the spool directories in which mail being sent and delivered is held. The fact that these directories are owned by the user postfix rather than by root is a security feature — it means that any possible vulnerability in postfix is less likely to lead to a subversion of the whole system. Similar system users exist for the web server (the user wwwrun) and various other services. You won't often need to consider these, but it is important to understand that they exist and that the correct ownerships of certain files and directories by these users is part of the overall security model of the system as a whole.

Each user belongs to one or more groups. The groups on the system are listed in the file /etc/group. To find out what groups you belong to, you can simply type the command groups (alternatively look at the file /etc/group and look for your username). By default, on a SUSE system, you will find that you belong to the group users and also to a few system groups, including the groups dialout and audio. This is to give normal human users the right to use the modem and sound devices (which is arranged through file permissions as you shall see later in this chapter).

Was this article helpful?

0 0

Post a comment