8.4 Identifying Vibe’s Linux User and Group

For optimum security, Vibe should not run as the Linux root user. For example, if an intruder manages to assume the identity of the Vibe program, the intruder gains all the privileges of the commandeered process. If the process is running with root user privileges, the intruder has root access to your system. If the process is running as a user with minimal privileges, the intruder has only restricted access to your system. Therefore, your system is more secure if the Vibe program does not run as root. For example, you might want to create a user named vibeadmin for the Vibe program to run as. Linux users require a full name and a password.

In addition to creating a Linux user for the Vibe program to run as, you can also create a Linux group for that user to belong to. This enables the Vibe program to create directories and files with consistent ownership and permissions. For example, you might want to create a group named vibeadmin for the vibeadmin user to belong to. Groups do not require passwords.

As an alternative to creating a custom Linux user name and group for Vibe, you can use the existing wwwrun user name and the www group. This account is typically used to start web server processes.

BASIC VIBE INSTALLATION SUMMARY SHEET

Under User ID for Vibe, specify the non-root Linux user name and group name to use for running the Vibe program.

IMPORTANT:The non-root Linux user and group must exist before you start the Vibe Installation program. See Performing Pre-Installation Tasks on Linux.