I'm tidying up a server I inherited the control of, and I noticed
this section of code in /etc/init.d/nfs.client:
case "$1" in
if [ -x /usr/lib/nfs/statd -a -x /usr/lib/nfs/lockd ]
# Following line changed SCH 99/05/14 for statd security fix
# /usr/lib/nfs/statd > /dev/console 2>&1
su statd -c /usr/lib/nfs/statd > /dev/console 2>&1
/usr/lib/nfs/lockd > /dev/console 2>&1
I see that it's running /usr/lib/nfs/statd as a locally created user, statd,
instead of root, but is that necessary on a recently patched machine?
The question is: is this a necessary fix (I've never seen it before)?
The machine is currently running Solaris 2.5.1 with a pretty recent patch set,
and will shortly be upgraded to Solaris 7.
NT tries to do almost everything UNIX does, but fails - miserably.
The use of Windoze cripples the mind; its use should, therefore, be
regarded as a criminal offence. (With apologies to Edsger W. Dijkstra)
If it ain't analogue, it ain't music.
Voice: +1 (250) 763-6205
10. CONSOLE SECURITY