[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

* Andreas Barth (aba@not.so.argh.org) wrote:
> * Stephen Frost (sfrost@snowman.net) [051026 20:46]:
> > Additionally, this is *not* a problem with the orphaning of the file,
> > it's a problem with the reuse of a previously-used uid.  I could see
> > adding a system to track previously-used uids and not reusing them.  I
> > don't believe using passwd for that (and keeping unused accounts in
> > passwd/shadow/group/gshadow/etc) is appropriate.  It would seem enough
> > to me, at least, to keep an ever-increasing counter where the current
> > value is the next available uid.  This could be reset if it reaches the
> > max, or an error presented to the user about it or some such.
> Well, I could see us to build such a system. But this system isn't there
> - and IMHO the next working way to prevent uids of being reused is to
> keep the account in question (perhaps locked etc, as suggested
> elsewhere).
> Anything else is IMHO plainly broken.

Leaving around unused accounts is plainly wrong too, and also a
potential security risk.  If we're going to try to push for a broad
change in how this is handled then let's do it the *right* way by
creating such a system as I described above, not by breaking the system
to leave unused accounts around.



Attachment: signature.asc
Description: Digital signature

Reply to: