3.9 Planning Site Security

3.9.1 Vibe Site Administrator Password

When you first log in to the Novell Vibe site, you use admin as the Vibe administrator username and admin as the password. You should immediately change the password to one of your own choosing.

BASIC VIBE INSTALLATION SUMMARY SHEET

Under Vibe Administrator Credentials, specify the password that you want to use whenever you log in as the Vibe site administrator.

3.9.2 Linux User ID for Vibe

For optimum security, Vibe should not run as the Linux root user. For example, if an intruder manages to assume the identity of the Vibe program, the intruder gains all the privileges of the commandeered process. If the process is running with root user privileges, the intruder has root access to your system. If the process is running as a user with minimal privileges, the intruder has only restricted access to your system. Therefore, your system is more secure if the Vibe program does not run as root. For example, you might want to create a user named vibeadmin for the Vibe program to run as. Linux users require a full name and a password.

In addition to creating a Linux user for the Vibe program to run as, you can also create a Linux group for that user to belong to. This enables the Vibe program to create directories and files with consistent ownership and permissions. For example, you might want to create a group named vibeadmin for the vibeadmin user to belong to. Groups do not require passwords.

As an alternative to creating a custom Linux username and group for Vibe, you can use the existing wwwrun username and the www group. This account is typically used to start Web server processes.

BASIC VIBE INSTALLATION SUMMARY SHEET

Under Linux Username and Group, specify the non-root Linux username and group name to use for running the Vibe program. If you are creating a new Linux user, specify its full name and password.

IMPORTANT:The non-root Linux username and group must exist before you start the Vibe Installation program. Instructions for creating the username and group are provided in Section 4.1.1, Performing Pre-Installation Tasks on Linux.