Hi all,

An interesting discussion started on the openSUSE mailing list[1][2] and I would
like to open up the same question on this mailing list.

Basically it is about the following problem. Citing parts of proposal:

Many packages need to add user and group names for their unprivileged daemons.
Many names are short for convenience, e.g. 'pop', 'vdr', 'tor' or 'znc'. Since
there is no separate name space for system users those names may collide with
names of real persons. Sharing a user name between a system user and a normal
user leads to surprising or even security-relevant misbehavior as the daemon
user may write to files in the real user's home or vice versa.

The conclusion, in short, is to prefix system users (with some exceptions like
root or nobody) with an underscore '_'. So you would get users like '_pop',
'_vdr', '_tor' or '_znc'. OpenBSD already does that[3]. The openSUSE proposal
with more details can be seen on GitHub[4].

So the question is, what would you think about such a policy in Gentoo?

[1] http://lists.opensuse.org/opensuse-factory/2014-03/msg00333.html
[2] http://lists.opensuse.org/opensuse-packaging/2014-02/msg00136.html
[3] http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/infrastructure/db/user.list?rev=HEAD;content-type=text%2Fplain
[4] https://github.com/lnussel/osep_opensuse_usernames/blob/master/opensuse_usernames.txt

-- 
        Michal Hrusecky <mic...@hrusecky.net>
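
Added example, not part of the original message or of either distribution's tooling: a small audit that applies the proposed convention to passwd-format data and reports where a system account shares the name space with real people. The UID cutoff of 1000, the sample passwd lines and the directory user list are assumptions constructed for illustration.

```python
UID_MIN = 1000               # assumption: UIDs below this are system accounts
EXEMPT = {"root", "nobody"}  # the exceptions the post names

# Constructed passwd(5) sample, not taken from a real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
pop:x:67:67:POP3 daemon:/var/lib/pop:/sbin/nologin
_tor:x:110:110:Tor daemon:/var/lib/tor:/sbin/nologin
znc:x:111:111:ZNC bouncer:/var/lib/znc:/sbin/nologin
nobody:x:65534:65534:nobody:/var/empty:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""
# Constructed human login names, e.g. exported from a central directory.
SAMPLE_DIRECTORY_USERS = ["alice", "pop", "vdr", "_bob"]


def parse_passwd(text):
    """Yield (name, uid) for each well-formed passwd line."""
    for line in text.splitlines():
        fields = line.split(":")
        # Skip comments, blank lines and NIS compat entries such as "+::::::".
        if len(fields) != 7 or line.startswith(("#", "+", "-")):
            continue
        try:
            yield fields[0], int(fields[2])
        except ValueError:
            continue  # non-numeric UID: malformed, ignore


def audit(passwd_text, directory_users):
    """Report names that break, or are exposed by lack of, the '_' prefix."""
    system = sorted(name for name, uid in parse_passwd(passwd_text)
                    if uid < UID_MIN and name not in EXEMPT)
    humans = set(directory_users)
    return {
        # System accounts still living in the shared, unprefixed name space.
        "unprefixed": [n for n in system if not n.startswith("_")],
        # A local system account and a real person already share a name.
        "collisions": [n for n in system if n in humans],
        # Human names that intrude into the reserved '_' name space.
        "reserved_misuse": sorted(h for h in humans if h.startswith("_")),
    }


if __name__ == "__main__":
    for finding, names in audit(SAMPLE_PASSWD, SAMPLE_DIRECTORY_USERS).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```

The "reserved_misuse" finding matters because the prefix only separates the two name spaces if account creation for real users also refuses names that start with '_'.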
