Subject: Re: Minor /etc/security problems
To: None <tech-security@netbsd.org>
From: Michael C. Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-security
Date: 12/30/1998 19:06:35

>>>>> "Martin" == Martin J Laubach <mjl@emsi.priv.at> writes:
Martin> But having some deactivated account in the distribution "just in
Martin> case" is not what I'd call a good solution.
Martin> For one, it's inconsistent with all the other packages -- NetBSD
Martin> doesn't ship with a http, a squid, a backup, a you-name-it
Martin> account, just because someone somewhere might have a need for it.

I agree with both you and Curt.

Creating accounts, once you know the UID to use, there is no problem,
but I still don't really want the account automatically created.

What I suggest is that we set aside from stock UIDs for all those things
that you mention. Perhaps we should have /etc/reserved.passwd, which contains
lines which can be copied to /etc/master.passwd by some simple command. The
"required" account can be listed in the pkg system, and if it sees something
in /etc/reserved.passwd, then it can say:

    "The foobar package requires an account named 'foobar'. There is
    such an account reserved which you can enable, or you can enter the
    name of another account: [(e)nable/(o)ther/(a)bort]"

And... I hate to mention it, but it would be nice if they happened to
correspond to the default IDs used on Linux and Solaris machines.

We *do* have: "games", "uucp", "ingres" and "falken".
I'd like to see some of these removed. (UUCP stuff probably belongs in
a separate dist set. Probably one that also has a non-MX-enabled sendmail
available)

Martin> with whatever UID one likes before. Or perhaps the packages
Martin> shouldn't create accounts on their own at all (I'd prefer that
Martin> variant, I was quite upset when the amanda package created a
Martin> 'backup' user), but instead just complain that the account is not
Martin> there, and one should pretty please create it beforehand.

Yes. This is a good idea, but one reason to have pkg's available is to
make life easier for non-experts.

:!mcr!: | Network and security consulting/contract programming
Michael Richardson | Firewalls, TCP/IP and Unix administration
Personal: http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html
Corporate: http://www.sandelman.ottawa.on.ca/SSW/
ON HUMILITY: To err is human, to moo bovine.
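
The /etc/reserved.passwd lookup proposed in the message above, as an added example that is not part of the original post or of any NetBSD tool. The helper names, the sample entries and UIDs, and the assumption that reserved.passwd uses the same 10-field layout as master.passwd are all hypothetical; the point it shows is that enabling a reserved line has to refuse a name or UID already present in the live file.

```shell
#!/bin/sh
# Added sketch of the /etc/reserved.passwd idea; helper names are hypothetical.
# Assumption: reserved.passwd reuses the 10-field master.passwd line layout.
# Works on scratch copies; a real tool would use vipw(8)/pwd_mkdb(8).

# in_file FIELDNO VALUE FILE: succeeds if some line has VALUE in that field
in_file() {
    awk -F: -v c="$1" -v v="$2" '$c == v { f = 1 } END { exit !f }' "$3"
}

# account_status NAME MASTER RESERVED: prints active, reserved or unknown
account_status() {
    if in_file 1 "$1" "$2"; then echo active
    elif in_file 1 "$1" "$3"; then echo reserved
    else echo unknown
    fi
}

# enable_reserved NAME MASTER RESERVED: copy the reserved line into MASTER.
# Returns 1 if not reserved, 2 if malformed or uid 0, 3 if name/UID is taken.
enable_reserved() {
    line=$(awk -F: -v n="$1" '$1 == n { print; exit }' "$3")
    [ -n "$line" ] || return 1
    nf=$(printf '%s\n' "$line" | awk -F: '{ print NF }')
    uid=$(printf '%s\n' "$line" | cut -d: -f3)
    [ "$nf" -eq 10 ] || return 2
    case $uid in ''|*[!0-9]*) return 2 ;; esac
    [ "$uid" -ne 0 ] || return 2      # a "reserved" root alias is never OK
    if in_file 1 "$1" "$2" || in_file 3 "$uid" "$2"; then
        echo "enable_reserved: name $1 or UID $uid already in use" >&2
        return 3
    fi
    printf '%s\n' "$line" >> "$2"
}

# Demo on constructed data (entries and UIDs are made up for illustration).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'root:*:0:0::0:0:Charlie &:/root:/bin/sh' \
        'games:*:7:13::0:0:Games:/usr/games:/sbin/nologin' > "$d/master"
    printf '%s\n' 'foobar:*:70:70::0:0:Foobar:/nonexistent:/sbin/nologin' \
        'clash:*:7:7::0:0:Clash:/nonexistent:/sbin/nologin' > "$d/reserved"
    account_status foobar "$d/master" "$d/reserved"          # reserved
    enable_reserved foobar "$d/master" "$d/reserved"
    account_status foobar "$d/master" "$d/reserved"          # active
    enable_reserved clash "$d/master" "$d/reserved" || echo "refused: $?"
    rm -rf "$d"
}
demo
```

A package installer following the proposal would call `account_status` first and show the (e)nable/(o)ther/(a)bort prompt only when it prints `reserved`.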