From owner-cvs-all  Wed Oct 17 12:50:50 2001
Delivered-To: cvs-all@freebsd.org
Received: from TheWorld.com (pcls2.std.com [199.172.62.104])
	by hub.freebsd.org (Postfix) with ESMTP id 2A54A37B403
	for <cvs-all@freebsd.org>; Wed, 17 Oct 2001 12:50:46 -0700 (PDT)
Received: from world.std.com (arwen@world-f.std.com [199.172.62.5])
	by TheWorld.com (8.9.3/8.9.3) with ESMTP id PAA11901;
	Wed, 17 Oct 2001 15:42:18 -0400
Received: (from kwc@localhost)
	by world.std.com (8.9.3/8.9.3) id PAA27945;
	Wed, 17 Oct 2001 15:42:15 -0400 (EDT)
Date: Wed, 17 Oct 2001 15:42:15 -0400 (EDT)
From: Kenneth W Cochran <kwc@world.std.com>
Message-Id: <200110171942.PAA27945@world.std.com>
To: josb@cncdsl.com
Subject: Re: cvs commit: src/etc group master.passwd
Cc: cvs-all@freebsd.org
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

Ok...  Just a suggestion anyway.  As long as things are
documented, I have no really strong feelings either way.  I
(& others :) think "separating" the webserver from other things
(in nobody:nogroup) is a Good Thing(tm).  :)

The rationale I was thinking of is as follows:

1.  user = program-name, group = service-name
2.  User & group both different & "unique" within the system;
reason - faster & easier determination of "who" is doing "what"
(i.e. while pouring over system logs in the middle of the night
with insufficient caffiene-load... ;)  "Hmmm, is that "user"-www
or "group"-www?"  :)

The "beginning" of that rationale is the user:group choice for
named/bind.  Currently, that is bind:bind.  Under the "plan" I
mentioned, that might be something like "bind:dns" but whoever set
that up did so some time ago & probably for Very Good Reason...

Anyway, just a suggestion; www:www seems rather "customary"
anyway & I could live with that just fine, too.

-kc

>Date: Wed, 17 Oct 2001 11:00:55 -0701
>From: Jos Backus <josb@cncdsl.com>
>To: cvs-all@freebsd.org
>Subject: Re: cvs commit: /src/etc/ group master.passwd
>Reply-To: Jos Backus <josb@cncdsl.com>
>Mail-Followup-To: cvs-all@freebsd.org
>
>On Wed, Oct 17, 2001 at 10:35:43AM -0400, Kenneth W Cochran wrote:
>> I just now saw the commit adding www:www (80:80) to
>> /etc/{master.passwd,group}.  Might I suggest consideration
>> that the Apache *user* be "apache," i.e. "apache:www (80:80)."
>
>I would argue against this: it should be the name of a service, not the name
>of a particular provider of that service.
>
>-- 
>Jos Backus                 _/  _/_/_/        Santa Clara, CA
>                          _/  _/   _/
>                         _/  _/_/_/             
>                    _/  _/  _/    _/
>josb@cncdsl.com     _/_/   _/_/_/            use Std::Disclaimer;

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message