In the documentation for preparing the system for SciDB installation, it says to create a user scidb and put it into sudoers. Just wondering why sudo NOPASSWD is needed for scidb user? When will the scidb user practice the sudoer privilege?
Not sure if this is the way sudo works, but I have a security concern for this. It’s also mentioned that all SciDB processes will be run as the scidb user, just like apache processes runs as apache user. But apache user can’t sudo to root, so if an apache process is compromised, it’s less destructive. However, if a SciDB process is compromised, it can do anything as root. Is that right?
Thanks for any hints or comments. Please correct me if I misunderstood.