1 |
On Wed, Mar 26, 2014 at 02:32:58PM +0100, Michal Hrusecky wrote: |
2 |
> Hi all, |
3 |
> |
4 |
> interesting discussion started in openSUSE mailing list[1][2] and I would like |
5 |
> to open up the same question on this mailing list. |
6 |
> |
7 |
> Basically it is about the following problem. Citing parts of proposal: |
8 |
> |
9 |
> Many packages need to add user and group names for their unprivileged daemons. |
10 |
> Many names are short for convenience, e.g. 'pop', 'vdr', 'tor' or 'znc'. Since |
11 |
> there is no separate name space for system users those names may collide with |
12 |
> names of real persons. Sharing a user name between a system user and a normal |
13 |
> user leads to surprising or even security relevant misbehavior as the daemon |
14 |
> user may write to files in the real user's home or vice versa. |
15 |
> |
16 |
> Conclusion, in short, is to prefix system users (with some exceptions like root |
17 |
> or nobody) with underscore '_'. So you would get users like '_pop', '_vdr', |
18 |
> '_tor' or '_znc'. OpenBSD already does that[3]. openSUSE proposal with more |
19 |
> details can be seen on GitHub[4]. |
20 |
> |
21 |
> So the question is, what would you think about such a policy in Gentoo? |
22 |
|
23 |
I'm in favor. It shouldn't be used as *the* check to make sure that an |
24 |
account is a functional (non-interactive/daemon) account (for that there is |
25 |
also the user id range and so on) but for visibility it's definitely worth |
26 |
persuing. |
27 |
|
28 |
Wkr, |
29 |
Sven Vermeulen |