Re: static UID/GID?
On Oct 17, Marco Budde <Marco.Budde@hqsys.antar.com> wrote:
>"MdI> Ifmail does not needs any additional GID, and AFAIK neither fidogate
>That's right, but does for example news need an own GID? That's not the
Yes:
-rwxr-sr-x 1 root news 18100 Apr 28 15:14 /usr/bin/rnews*
drwxrwsr-x 4 news news 1024 Sep 25 14:48 /var/spool/news/in.coming
>"MdI> >does. of the ftn and the dialout group. Is this a good resolution?
>"MdI> ftn should be a member of the dialout group, but it does not needs any
>"MdI> new group.
>Why do we need an own UID? fidogates Makefile uses news/news.
Because it's more secure. Every subsystem should run as a different UID.
>> If fidogate needs a group for security reasons then you
>"MdI> should use ftn, otherwise I don't think we need another group, uucp
>"MdI> works fine.
>Why should a Fido program use the uucp GID? This doesn't make any sense.
Because it's the one historically used. For any pratical purpose it could
be nogroup as well. Taylor uucp does not have any group readable or writable
file, nor ifmail: we don't have any security problem.
If we change the GID of ifmail we should change the GID of uucp too.
--
ciao,
Marco
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: