[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] adding system users: which is the best way??

Russ Allbery <rra@stanford.edu> writes:

> It may be worth considering using the technique that Dan Bernstein
> advocates for these sorts of users, namely pre-pending those names with a
> single capital letter.

> There's a fair bit of discussion about this particular technique and why
> it was chosen at <http://cr.yp.to/unixaccount.html>.

Unfortunately, it looks like I was misremembering, and the discussion that
I was thinking of was in a mailing list post rather than on the web page,
and it doesn't appear to be archived anywhere.

OpenBSD is apparently (per mailing list posts on the web) doing something
similar but using leading underscores instead, as suggested by someone
else in this thread.  That would seem to have similar properties, although
one advantage of the capital letter scheme is that you can have various
types of system accounts easily and distinguish (such as the example of
PPP or SLIP accounts).

Another advantage is that most user addition tools disallow capital
letters by default, which means it's far less likely that a user will
create an account by the same name; this advantage is shared with leading
underscores, but may not necessarily be shared with "debian-" (although
the length will probably dissuade people).

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

Reply to: