On Wed, Mar 26, 2014 at 02:32:58PM +0100, Michal Hrusecky wrote:
> Hi all,
>
> interesting discussion started in openSUSE mailing list[1][2] and I would like
> to open up the same question on this mailing list.
>
> Basically it is about the following problem. Citing parts of proposal:
>
> Many packages need to add user and group names for their unprivileged daemons.
> Many names are short for convenience, e.g. 'pop', 'vdr', 'tor' or 'znc'. Since
> there is no separate name space for system users those names may collide with
> names of real persons. Sharing a user name between a system user and a normal
> user leads to surprising or even security relevant misbehavior as the daemon
> user may write to files in the real user's home or vice versa.
>
> Conclusion, in short, is to prefix system users (with some exceptions like
> root or nobody) with underscore '_'. So you would get users like '_pop', '_vdr',
> '_tor' or '_znc'. OpenBSD already does that[3]. openSUSE proposal with more
> details can be seen on GitHub[4].
>
> So the question is, what would you think about such a policy in Gentoo?

I'm in favor. It shouldn't be used as *the* check to make sure that an account
is a functional (non-interactive/daemon) account (for that there is also the
user id range and so on) but for visibility it's definitely worth pursuing.

Wkr,
Sven Vermeulen
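
Added example, not part of the thread or of any distribution's tooling: a small audit that combines the two signals mentioned above, the '_' name prefix and the user id range, and reports accounts where they disagree. The UID threshold of 999, the exempt set and the sample passwd entries are assumptions constructed for illustration.

```python
# Audit passwd(5)-format entries against the proposed '_' naming policy.
# Assumption: UIDs <= SYS_UID_MAX are system accounts (the real cut-off is
# distribution-specific). EXEMPT holds the two exceptions the proposal names.
SYS_UID_MAX = 999
EXEMPT = {"root", "nobody"}

# Constructed sample data, not taken from any real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
_tor:x:105:105:tor daemon:/var/lib/tor:/sbin/nologin
znc:x:106:106:znc daemon:/var/lib/znc:/sbin/nologin
pop:x:1001:1001:Pop Smith:/home/pop:/bin/bash
_alice:x:1002:1002:Alice:/home/_alice:/bin/bash
nobody:x:65534:65534:nobody:/var/empty:/sbin/nologin
# comment line
broken:line
"""

def audit(passwd_text):
    """Return (line number, account name, finding) for each policy mismatch."""
    findings = []
    for lineno, line in enumerate(passwd_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        # passwd(5) has exactly seven colon-separated fields; UID is the third.
        if len(fields) != 7 or not fields[2].isdigit():
            findings.append((lineno, fields[0], "malformed entry"))
            continue
        name, uid = fields[0], int(fields[2])
        if name in EXEMPT:
            continue
        is_system = uid <= SYS_UID_MAX
        has_prefix = name.startswith("_")
        # The prefix is a visibility aid; the UID range decides the class.
        if is_system and not has_prefix:
            findings.append((lineno, name, "system UID without '_' prefix"))
        elif not is_system and has_prefix:
            findings.append((lineno, name, "'_' prefix on non-system UID"))
    return findings

if __name__ == "__main__":
    for lineno, name, finding in audit(SAMPLE_PASSWD):
        print(f"line {lineno}: {name}: {finding}")
```
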