Can someone point me to a document or explain to me the utility or application of the noaccess user? It would seem interchangeable with any other user I might create. What is it's purpose of being included by default in new installations of Solaris? (and presumably Linux)
Asked
Active
Viewed 2,161 times
1 Answers
2
Running a task as a limited account is one way of adhering to the principle of least privilege. Having a standard limited account that various software packages can use for such a purpose makes things easier. Without it you may need to create and use an equivalent in some way.
An example would be the Java Web Console for Solaris 10 from Oracle which has a note:
By default, the web console runs under the user identity, noaccess. However, some system configurations disable the noaccess user, or set the login shell for the noaccess user to an invalid entry to make this user identity unusable.
When the noaccess user is not usable, the web console server cannot be started or configured, so an alternative user identity must be specified. Ideally, the user identity should be changed only once, before the console server is configured at initial startup.
Brian
- 3,386
- 17
- 16