
Bug#488821: apache2-suexec: suexec configuration change demands extensive system changes



On Tuesday 01 July 2008, Michael Alan Dorman wrote:
> Your decision to suddenly change the minimum userid that suexec
> will allow breaks existing installations of totally unrelated
> software.

Nearly every configuration change in apache will break some system 
somewhere. That does not make this a critical bug.

> This represents a non-trivial amount of work for system
> administrators to ameliorate---coordinating the changing of a uid
> and some unknown quantity of files.
>
> Please reconsider this action.

Allowing suexec to change to random system users is bad from a 
security point of view. Therefore the minimum uid of 100 should be 
changed to some higher value. Now the question is if it is possible 
to make that change in a less disruptive way. A compromise would be 
to raise it to 200 and not 1000. This would exclude automatically 
created system accounts on most systems and mean a significant gain 
in security. Would this be helpful? Is the user you want to switch to 
created by some Debian package or have you created it manually?
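A small audit script, added here and not part of the bug report or of the apache2 package, that shows which accounts in a passwd file suexec would still be allowed to switch to under the three minimum-uid values discussed (100, 200 and 1000); the passwd entries below are constructed sample data and the account names and uids are made up.

```python
# Added example: compare candidate suexec minimum-uid values against a
# passwd file to see which accounts each threshold still permits.
from typing import Dict, List, Tuple

# Constructed sample passwd content (not from a real system).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
postfix:x:101:104::/var/spool/postfix:/bin/false
webapp:x:500:500:manually created app user:/srv/webapp:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""

def parse_passwd(text: str) -> List[Tuple[str, int]]:
    """Return (name, uid) pairs from passwd-format text, skipping malformed lines."""
    entries = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue  # not a well-formed passwd entry
        entries.append((fields[0], int(fields[2])))
    return entries

def allowed_by_suexec(entries: List[Tuple[str, int]], uid_min: int) -> List[str]:
    """Accounts suexec would accept as a target uid: those at or above uid_min."""
    return [name for name, uid in entries if uid >= uid_min]

def compare_thresholds(text: str, thresholds=(100, 200, 1000)) -> Dict[int, List[str]]:
    """Map each candidate minimum uid to the accounts it would still allow."""
    entries = parse_passwd(text)
    return {t: allowed_by_suexec(entries, t) for t in thresholds}

if __name__ == "__main__":
    # Run against the real file with: compare_thresholds(open("/etc/passwd").read())
    for uid_min, names in compare_thresholds(SAMPLE_PASSWD).items():
        print(f"uid_min={uid_min}: {names}")
```

With the sample data, a minimum of 200 already excludes the packaged system accounts (libuuid, postfix) while a manually created user at uid 500 is only excluded by the 1000 threshold, which is exactly the trade-off the reply above proposes.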
