
Re: Bug#80343: general: Lack of policy on which files should be owned by which user



>>>>> "Hamish" == Hamish Moffatt <hamish@debian.org> writes:

    Hamish> On Tue, Dec 26, 2000 at 11:13:13AM +1100, Brian May wrote:
    >> However, the idea of one UID per daemon is (IMHO) a really
    >> horrible solution, too, as you end up having more UIDs for
    >> daemons than users.

    Hamish> Why is that a problem? There are 65536 available UIDs.

Well yes and no. On most desktop systems there never will be a problem.

Some potential problems though:

- Easy to hide a back-door entry point in /etc/passwd if lots of entries
exist (e.g. a missing password field). Whether this is by mistake
or done on purpose by an attacker is not important, but the fact that it
is harder to detect may be important.

- As the number of entries grows, the chance that one/more entries
will conflict with some NIS, openldap or remote NFS system increases.
Especially since adduser, etc, do not support NIS or openldap.  I am
not sure of the details here - can adduser assign a local user a UID
that conflicts with that from some other source?

- Harder to administrate /etc/passwd as more users exist.
-- 
Brian May <bam@debian.org>
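
The checks discussed in the message above (an empty password field hidden among many entries, and local UIDs colliding with a remote source such as NIS or LDAP) can be automated. The following is an added example, not part of the original message or of any Debian tool; the sample data is constructed and the function names `parse` and `audit` are hypothetical.

```python
from collections import defaultdict

# Constructed sample data in passwd(5) format; not taken from any real system.
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
ftp:x:101:65534::/home/ftp:/bin/false
news::9:9:news:/var/spool/news:/bin/sh
majordom:x:102:102::/usr/lib/majordomo:/bin/false
toor:x:0:0::/root:/bin/sh
"""
# Constructed stand-in for a directory dump (e.g. output of `ypcat passwd`).
REMOTE_PASSWD = """\
alice:x:101:100:Alice:/home/alice:/bin/bash
bob:x:1001:100:Bob:/home/bob:/bin/bash
"""

def parse(text):
    """Yield (name, password_field, uid) for each well-formed passwd line."""
    for line in text.splitlines():
        if not line.strip() or line.startswith(("#", "+", "-")):
            continue  # skip blanks, comments and NIS compat markers
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            raise ValueError(f"malformed passwd line: {line!r}")
        yield fields[0], fields[1], int(fields[2])

def audit(local_text, remote_text=""):
    """Return a sorted list of (check, detail) findings."""
    findings = []
    by_uid = defaultdict(list)
    for name, pw, uid in parse(local_text):
        by_uid[uid].append(name)
        if pw == "":
            findings.append(("empty-password", name))
        if uid == 0 and name != "root":
            findings.append(("extra-uid0", name))
    for uid, names in by_uid.items():
        if len(names) > 1:
            findings.append(("duplicate-uid", f"{uid}:{','.join(names)}"))
    for name, _pw, uid in parse(remote_text):
        # Same UID, different account name: file ownership is ambiguous over NFS.
        for local_name in by_uid.get(uid, []):
            if local_name != name:
                findings.append(("remote-uid-conflict", f"{uid}:{local_name}/{name}"))
    return sorted(findings)

if __name__ == "__main__":
    for check, detail in audit(LOCAL_PASSWD, REMOTE_PASSWD):
        print(f"{check:20} {detail}")
```

On a real host the two inputs would be the contents of /etc/passwd and a dump of the remote account source; running the audit from cron and diffing the output keeps the review cost flat as the number of daemon accounts grows.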


