I am pretty sure the packaging guidelines should say very clearly that it is not OK for daemons packaged for Fedora to run as the "nobody" user, and instead all packages that need a system user should register their own.
Why? Because all services running as "nobody" can access each other's resources.
Also see discussion around here:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Q5GCKZ7Q7PAUQW66EV7IBJGSRJWYXBBH/
Not sure what the wording should look like precisely, but maybe something as simple as this would suffice:
"System services packaged for Fedora may not run as the 'nobody' user, but must allocate their own system user to run as".
{{{
[Unit]
Description=Distccd A Distributed Compilation Server
After=network.target

[Service]
User=nobody
...
}}}
Also
{{{
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
nobody    2179  0.0  0.0  51132   896 ?        S    May31   0:01 /sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
}}}
This dnsmasq is started by libvirt.service.
In case I miss the meeting, I'm 100% behind this but I'm not entirely sure where in the guidelines this should actually go. Probably immediately under https://fedoraproject.org/wiki/Packaging:Guidelines#Users_and_Groups
We discussed this at this week's meeting (http://meetbot.fedoraproject.org/fedora-meeting-1/2016-08-11/fpc.2016-08-11-16.00.txt):
Announcement text:
The running of system daemons as the "nobody" user has been forbidden.
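One way a package reviewer could check unit files against this rule, as an added example that is not part of the ticket or of any Fedora tooling. The unit names other than distccd.service, the `distcc` account and the `ExecStart` paths are constructed; drop-in overrides are modelled simply by appending their text after the base unit.

```python
"""Flag systemd units whose [Service] section runs as the shared 'nobody' user."""


def service_user(unit_text):
    """Return the effective User= of the [Service] section, or None if unset."""
    section, user, pending = None, None, ""
    for raw in unit_text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):            # continuation: join with the next line
            pending = line[:-1] + " "
            continue
        pending = ""
        if not line or line[0] in "#;":    # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if sep and section == "Service" and key.strip() == "User":
            user = value.strip() or None   # last assignment wins; empty resets
    return user


def audit(units):
    """Take {unit name: unit text}; return sorted names that run as 'nobody'."""
    return sorted(n for n, text in units.items() if service_user(text) == "nobody")


# Constructed sample input; the first entry is modelled on the unit quoted above.
SAMPLE_UNITS = {
    "distccd.service": "[Unit]\nDescription=Distccd A Distributed Compilation Server\n"
                       "After=network.target\n[Service]\nUser=nobody\n",
    # Comment mentioning nobody, real setting is a dedicated account.
    "fixed.service": "[Service]\n# User=nobody\nUser=distcc\n",
    # Base unit followed by a drop-in that overrides the user.
    "overridden.service": "[Service]\nUser=nobody\n" + "[Service]\nUser=distcc\n",
    # Continued ExecStart line before the User= setting.
    "continued.service": "[Service]\nExecStart=/usr/bin/example \\\n  --flag\nUser=nobody\n",
    # No User= at all: not covered by this check.
    "nouser.service": "[Service]\nExecStart=/usr/bin/true\n",
}

if __name__ == "__main__":
    for name in audit(SAMPLE_UNITS):
        print(f"{name}: runs as 'nobody', needs its own system user")
```

This only covers static unit files; a process such as the dnsmasq instance spawned by libvirt has no unit of its own and shows up only in a process listing.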
Metadata Update from @tibbs: - Issue assigned to tibbs