Re: daemon user naming scheme

To: debian-devel@lists.debian.org
Subject: Re: daemon user naming scheme
From: Thorsten Glaser <tg@debian.org>
Date: Fri, 5 Sep 2014 17:13:16 +0200
Message-id: <[🔎] alpine.DEB.2.11.1409051712300.31780@tglase.lan.tarent.de>
In-reply-to: <[🔎] 21513.53418.4646.993382@chiark.greenend.org.uk>
References: <53FB3392.9040506@rezozer.net> <53FB4DE2.9060207@debian.org> <53FB5456.2090303@rezozer.net> <53FB72D0.2050601@rezozer.net> <53FB8872.7050105@debian.org> <[🔎] 21513.53418.4646.993382@chiark.greenend.org.uk>

On Fri, 5 Sep 2014, Ian Jackson wrote:

> Simon McVittie writes ("Re: daemon user naming scheme"):
> > It is reasonable to use /var/lib/foo (or /run/foo or /var/cache/foo or
> > /var/games/foo) as the home directory of a system user whose name is
> > _foo, debian-foo, Debian-foo or whatever.
> 
> You need to be careful that the directory chosen never has undesirable
> permissions, since there are many ways that access can be granted to a
> user foo by putting things in ~foo.

You could use /nonexistent as dæmon user home directory,
but only if pam_mkhomedir gets patched to never create it…

bye,
//mirabilos
-- 
15:41⎜<Lo-lan-do:#fusionforge> Somebody write a testsuite for helloworld :-)

Reply to:

References:
- Re: daemon user naming scheme
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>

Prev by Date: Re: daemon user naming scheme
Next by Date: Re: systemd, again (Re: Cinnamon environment now available in testing)
Previous by thread: Re: daemon user naming scheme
Next by thread: Bug#760586: ITP: python-pint -- define, operate and manipulate physical quantities
Index(es):
- Date
- Thread