| 1 |
On Wed, Mar 26, 2014 at 02:32:58PM +0100, Michal Hrusecky wrote: |
| 2 |
> Hi all, |
| 3 |
> |
| 4 |
> interesting discussion started in openSUSE mailing list[1][2] and I would like |
| 5 |
> to open up the same question on this mailing list. |
| 6 |
> |
| 7 |
> Basically it is about the following problem. Citing parts of proposal: |
| 8 |
> |
| 9 |
> Many packages need to add user and group names for their unprivileged daemons. |
| 10 |
> Many names are short for convenience, e.g. 'pop', 'vdr', 'tor' or 'znc'. Since |
| 11 |
> there is no separate name space for system users those names may collide with |
| 12 |
> names of real persons. Sharing a user name between a system user and a normal |
| 13 |
> user leads to surprising or even security relevant misbehavior as the daemon |
| 14 |
> user may write to files in the real user's home or vice versa. |
| 15 |
> |
| 16 |
> Conclusion, in short, is to prefix system users (with some exceptions like root |
| 17 |
> or nobody) with underscore '_'. So you would get users like '_pop', '_vdr', |
| 18 |
> '_tor' or '_znc'. OpenBSD already does that[3]. openSUSE proposal with more |
| 19 |
> details can be seen on GitHub[4]. |
| 20 |
> |
| 21 |
> So the question is, what would you think about such a policy in Gentoo? |
| 22 |
|
| 23 |
I'm in favor. It shouldn't be used as *the* check to make sure that an |
| 24 |
account is a functional (non-interactive/daemon) account (for that there is |
| 25 |
also the user id range and so on) but for visibility it's definitely worth |
| 26 |
persuing. |
| 27 |
|
| 28 |
Wkr, |
| 29 |
Sven Vermeulen |
Archives