Hi folks.
And another question for the next meeting, this time about the use of
userdel and groupdel in scripts after removal of a package.
I suspect for users/groups in the 1-100 uid/gid range this is not a
problem, but removing any users or groups that were added without a
specific uid or gid can be a security issue as those ids might get
reused for accounts that were added later.
Fedora Core doesn't contain any bad cases, but i've already spotted a
few ones in Fedora Extras.
So for a Package Review and Guideline that might be something we want to
take a look at for new packages or (if we ever do that) for a FC-Extras
review.
Read ya, Phil
--
Philipp Knirsch | Tel.: +49-711-96437-470
Development | Fax.: +49-711-96437-111
Red Hat GmbH | Email: Phil Knirsch <phil@xxxxxxxxx>
Hauptstaetterstr. 58 | Web: http://www.redhat.de/
D-70178 Stuttgart
Motd: You're only jealous cos the little penguins are talking to me.
--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers
--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
