[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PROPOSAL] Drop 30000-59999 uid/gid reservation

Wichert Akkerman wrote:
> Scary, why would it need so many uids?

You really don't want to know, but in brief it runs many different
processes that need to be very isolated from each other and have very
different permissions given to them. I allocate the uids from the pool
on the fly and use it for a kind of process sandboxing.

> At the moment we have a bit under 5000 free entries in the static
> system allocation range (60000-64999) and we still have 65000 up
> to 65533 reserved, so we are not short on space.

I wouldn't dare touch 1/5th or even 1/10th of the static space, and the
500 free at the upper end is not too many is it..

What if we change the "Reserved" for 30000-59999 to "Reserved for use
at local admin's discretion", and then something like my package can
just ask[1] if it's ok to use a set in that range; an admin who is using it
for something else like a large NIS or whatever can nix that request.

see shy jo

Attachment: pgpvY0VwNGM4X.pgp
Description: PGP signature

Reply to: