
Re: uid/gid - comments?



> Yes, but they're configurable at build time, which is problematic if the
> uid/gid is already taken on the system on which they're installed.

changing the user name will also affect 
 - setuid programs
 - crontab files, cron.daily/monthly/weekly files
 - inetd.conf entries
 - some daemons have config files where
   you can change the user id (apache).

so, please don't use your proposed config files.
the bigger packages are not so easy to change (e.g. uucp has many user
setuid/setgrp files and dirs), and the smaller allow to use different
user id's anyway (apache, some daemons started via inetd.conf, ...).

> But sometimes they're compiled directly into the binary.

ok. change the user id of your local user, or compile your own package.

sure, debian should have a list of all user id's, complete with a document
why this user id is necessary, what files will be owned by that user id, what
packages are affected ... some sort of a security system manual.

> No-one will have to learn the concept if it doesn't affect them (it all
> happens in the magic {pre,post}{inst,rm}'s). 

sorry, i want to know what my system is doing. and lots of people think so.
that's why we don't like windows: it's horrible to find out what the hell
windows and its applications are doing. same for suse and its "yast"
applications and rc.config file. 

i'm sorry, but i know too many buggy postrm/inst scripts to think they
are a good idea. in some situations, yes. but not for general purpose.

andreas
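
The places the message lists (setuid programs, crontab files, inetd.conf entries) can be enumerated for one account before its name or id is changed. The script below is an added example, not part of the original message; it assumes Debian-style paths, and the function names and the sample tree built by `make_sample` are constructed for illustration.

```shell
# Added example: where does one account name appear? Debian-style paths assumed.
# inetd.conf: service type proto flags user[.group] server args  -> user is field 5
inetd_refs() {   # inetd_refs USER FILE
    awk -v u="$1" 'NF == 0 || $1 ~ /^#/ { next }
        { split($5, a, "[.:]"); if (a[1] == u) print "inetd " $1 }' "$2"
}
# /etc/crontab and /etc/cron.d/*: m h dom mon dow user command -> user is field 6
cron_refs() {    # cron_refs USER FILE
    awk -v u="$1" 'NF == 0 || $1 ~ /^#/ { next }
        /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }      # VAR=value lines
        $1 ~ /^@/ { if ($2 == u) print "cron " $3; next }    # @daily user cmd
        $6 == u   { print "cron " $7 }' "$2"
}
# setuid/setgid files owned by the account (name or numeric uid)
setid_files() {  # setid_files OWNER DIR
    find "$2" -xdev -type f -user "$1" \( -perm -4000 -o -perm -2000 \) 2>/dev/null
}
account_refs() { # account_refs USER [ROOT]; empty ROOT means the live system
    user=$1; root=${2:-}
    [ -f "$root/etc/inetd.conf" ] && inetd_refs "$user" "$root/etc/inetd.conf"
    for f in "$root/etc/crontab" "$root"/etc/cron.d/*; do
        [ -f "$f" ] && cron_refs "$user" "$f"
    done
    setid_files "$user" "$root/usr" | sed 's/^/setid /'
    return 0
}
make_sample() {  # constructed sample tree, not taken from a real system
    mkdir -p "$1/etc/cron.d"
    cat > "$1/etc/inetd.conf" <<'EOF'
# constructed sample
uucp   stream tcp nowait uucp.uucp /usr/sbin/tcpd /usr/local/lib/example/uucico
finger stream tcp nowait nobody    /usr/sbin/tcpd /usr/local/lib/example/fingerd
EOF
    cat > "$1/etc/crontab" <<'EOF'
SHELL=/bin/sh
25 6 * * * root run-parts /etc/cron.daily
EOF
    cat > "$1/etc/cron.d/uucp" <<'EOF'
10 * * * * uucp /usr/local/lib/example/hourly
@daily     uucp /usr/local/lib/example/daily
EOF
}
d=$(mktemp -d) && make_sample "$d" && account_refs uucp "$d"; rm -rf "$d"
```

On a live system, `account_refs uucp` with no second argument scans /etc and /usr. The cron.daily/weekly/monthly scripts and per-daemon config files the message mentions are not parsed here.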

