Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users

To: tytso@MIT.EDU (Theodore Y. Ts'o)
Cc: johannes@caldera.de (Johannes Poehlmann), lsb-spec@lists.linuxbase.org
Subject: Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
Date: Thu, 7 Dec 2000 14:27:17 +0000 (GMT)
Message-id: <[🔎] E144211-0002UU-00@the-village.bc.nu>
In-reply-to: <[🔎] 200012070525.AAA17754@tsx-prime.MIT.EDU> from "Theodore Y. Ts'o" at Dec 07, 2000 12:25:50 AM

> Let me raise a broader question.  Why is this in the LSB specification
> at all?  It's good practice for the distributions to follow, no doubt,
> but I don't think its within the scope of LSB, since how user groups are
> chosen is generally a matter of local sysadmin policy, and is generally
> irrelevant as far as application/distribution interoperability is
> concerned.  

I strongly disagree Ted. Good security practice says you give daemons their
own unique user name to get some compartmentalisation.

Now whether we say 500/500 or we say

	'useradd has the following extra flag to make it pick a system user'

[Note that if anyone wants to argue that they need to compile a userid into
 their app so can't do this, tough. Suppose two vendors picked the same ID.
 If you think that is unlikely then go read up on the birthday paradox]

Alan

Reply to:

Follow-Ups:
- Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
  - From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

References:
- Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
  - From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

Prev by Date: Re: [johannes@caldera.de: Comments on Chapter 17 (cron) of the LSB Spec]
Next by Date: Re: [johannes@caldera.de: Comments on Chapter 17 (cron) of the LSB Spec]
Previous by thread: Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
Next by thread: Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
Index(es):
- Date
- Thread