On Sat, Mar 10, 2007 at 11:16:47AM +0100, Enrico Scholz wrote: > Axel Thimm <Axel.Thimm@xxxxxxxxxx> writes: > > > Indeed, most of the packages we're talking about (if not all) don't > > need a fixed uid/gid at all. > > When a package/daemon writes files and/or reads files which are protected > by file permissions, it is a good candidate for fixed uids. Don't userdel the user. That's all there is to it. Check out httpd, a prominent package which can have sensitive data underneath its user. -- Axel.Thimm at ATrpms.net
Attachment:
pgp7D7zuQo1CW.pgp
Description: PGP signature
-- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers
-- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
