Re: [PROPOSAL] Chapter 15. Users & Groups: mininal UID for normal Users
> Let me raise a broader question. Why is this in the LSB specification
> at all? It's good practice for the distributions to follow, no doubt,
> but I don't think its within the scope of LSB, since how user groups are
> chosen is generally a matter of local sysadmin policy, and is generally
> irrelevant as far as application/distribution interoperability is
> concerned.
I strongly disagree Ted. Good security practice says you give daemons their
own unique user name to get some compartmentalisation.
Now whether we say 500/500 or we say
'useradd has the following extra flag to make it pick a system user'
[Note that if anyone wants to argue that they need to compile a userid into
their app so can't do this, tough. Suppose two vendors picked the same ID.
If you think that is unlikely then go read up on the birthday paradox]
Alan
Reply to: