* Andreas Barth (aba@not.so.argh.org) wrote:
> * Stephen Frost (sfrost@snowman.net) [051026 20:46]:
> > Additionally, this is *not* a problem with the orphaning of the file,
> > it's a problem with the reuse of a previously-used uid. I could see
> > adding a system to track previously-used uids and not reusing them. I
> > don't believe using passwd for that (and keeping unused accounts in
> > passwd/shadow/group/gshadow/etc) is appropriate. It would seem enough
> > to me, at least, to keep an ever-increasing counter where the current
> > value is the next available uid. This could be reset if it reaches the
> > max, or an error presented to the user about it or some such.
>
> Well, I could see us building such a system. But this system isn't there
> - and IMHO the next working way to prevent uids from being reused is to
> keep the account in question (perhaps locked etc, as suggested
> elsewhere).
>
> Anything else is IMHO plainly broken.

Leaving around unused accounts is plainly wrong too, and also a
potential security risk. If we're going to try to push for a broad
change in how this is handled then let's do it the *right* way by
creating such a system as I described above, not by breaking the system
to leave unused accounts around.

Thanks,

Stephen
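
The ever-increasing uid counter proposed in this thread could look like the following sketch. It is an added example, not code from either poster or from any Debian tool. The state file path, the function names and the 1000-59999 range are assumptions, and it takes the "present an error" option when the maximum is reached.

```python
import fcntl
import os
import pwd


class UidExhausted(Exception):
    """The counter has passed the configured maximum uid."""


def current_uids():
    """Uids that exist in the local passwd database right now."""
    return {entry.pw_uid for entry in pwd.getpwall()}


def allocate_uid(state_path, in_use=None, first=1000, last=59999):
    """Return a uid that this allocator has never handed out before.

    state_path (hypothetical location) stores the next candidate uid.
    Deleting an account never lowers that value, so files left behind
    by a removed user cannot end up owned by a later account.
    """
    in_use = current_uids() if in_use is None else set(in_use)
    fd = os.open(state_path, os.O_RDWR | os.O_CREAT, 0o600)
    with os.fdopen(fd, "r+") as state:
        # Exclusive lock: two concurrent account creations must not
        # read the same counter value.
        fcntl.flock(state, fcntl.LOCK_EX)
        text = state.read().strip()
        candidate = max(int(text), first) if text else first
        # Skip uids created outside this allocator (manual passwd edits).
        while candidate in in_use:
            candidate += 1
        if candidate > last:
            raise UidExhausted(f"no unused uid left in {first}-{last}")
        # Persist the new high-water mark before returning the uid.
        state.seek(0)
        state.truncate()
        state.write(f"{candidate + 1}\n")
        state.flush()
        os.fsync(state.fileno())
        return candidate


if __name__ == "__main__":
    # Constructed demo: a scratch state file in the current directory.
    print(allocate_uid("next_uid.demo"))
```
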