On Fri, Jan 20, 2017 at 3:44 AM, Martin Schröder <mar...@oneiros.de> wrote:
> 2017-01-20 8:43 GMT+01:00 minek van <minek...@mail.com>: > > Could it bring more security if the UIDs/GUIDs would be random? > > Why? What's the attack you want to defend against? > I suppose there's some information leakage in the sense that any given OpenBSD server is much more likely to have a UID of 1005 than a UID of 10005. And the first dozen or two lines in /etc/passwd are the same for every OpenBSD installation. But is there an arena where an attacker could make effective use of this information? If you wanted a different UID/GID for all the service accounts (everything >0) you're going to have a significantly more complicated installer...indeed, the whole tarball distro method would need to be examined. Random UID/GIDs for user accounts are something an admin could already do without needing to change anything - just pick random numbers for the adduser flags. > Or something would be broken with random UIDs/GUIDs, ex.: NFS? Would it > only do pain? > > Yes. Not sure about that...it would certainly be a headache to change UIDs/GIDs if you already have them in place, but for setting up a new server/new accounts, nfs doesn't care what number you are (well, 0 excepted). Whether the algorithm is "last used +1" or arc4random, you have the same sync/directory problems regardless. That's for user accounts...service accounts might need a bit more thought. So in summary, if you want random UID/GID for user accounts, that's a one-liner shell script - go for it! But if you want random UID/GID for service accounts, I think there would need to be a lot more justification for what would be a lot more work. -- andrew fabbro and...@fabbro.org
