is it safe to group a user under "nobody" group

linux usermod nobody

7,634

The intention of the nobody group is to denote a group with the lowest rights in a unix system.

This implies that you don't compromise your system by adding a supplementary group nobody to any user.

caveat:

This solution is a little bit smelling. Take a cup of coffee and think again if this is the way you want to go.

Generally should the group nobody doesn't have write access to any content below public_html.

7,634

Updated on September 18, 2022

Bibokid almost 2 years

I have created a group called "devs". All our coders are grouped under "devs" so that they can access our websites which are all under public_html folder.

I changed the group of public_hml to "devs", however, the server seem to override this, now the folder group is set to "nobody".

I am thinking of grouping our coders under "nobody", but is it a good idea? Or are there security risks?

usermod -a -G nobody coder-username
Bibokid over 11 years

Thanks. I am not really sure why the public_html's group became "nobody", must be the server automated it or some other admin did it. But the group permission is only rx, and there are no other file or folders under it that belongs to "nobody". So I think there is nothing smelly after all. Do you agree?
H.-Dirk Schmitt over 11 years

@Bibokid If the content doesn't need authentication, it is o.k. But if the content is restricted via the web server, it should be also have a similar constraint in the filesystem. That is the reason why apache is normally using a www-data group.