I have just noticed that several RPMs attempt to create system accounts
with hardcoded user and group ids. This may cause account creation to
fail when that id is already in use so files and directories may end up
with the wrong owner/group and daemon processes may either impersonate
the wrong user or fail to change their uid/gid.
Is there a registry for these system accounts yet?
I would recommend at least a warning in the adduser manpage that using
the -r switch may cause problems later.
Tom
--
T h o m a s Z e h e t b a u e r ( TZ251 )
PGP encrypted mail preferred - KeyID 96FFCB89
finger thomasz@xxxxxxxxxxxxxx for key
History has shown that the people who make history do not learn from it.
Attachment:
signature.asc
Description: This is a digitally signed message part
