From owner-cvs-all Thu Oct 18 9:41:47 2001 Delivered-To: cvs-all@freebsd.org Received: from femail18.sdc1.sfba.home.com (femail18.sdc1.sfba.home.com [24.0.95.145]) by hub.freebsd.org (Postfix) with ESMTP id BD2BF37B403; Thu, 18 Oct 2001 09:41:37 -0700 (PDT) Received: from laptop.baldwin.cx ([24.2.39.156]) by femail18.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20011018164136.CDNC27771.femail18.sdc1.sfba.home.com@laptop.baldwin.cx>; Thu, 18 Oct 2001 09:41:36 -0700 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <20011017140633.B64561@coffee.q9media.com> Date: Thu, 18 Oct 2001 09:41:36 -0700 (PDT) From: John Baldwin To: Mike Barcroft Subject: Re: cvs commit: src/etc group master.passwd Cc: cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org, "Andrey A. Chernov" , Christopher Masto Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 17-Oct-01 Mike Barcroft wrote: > Christopher Masto writes: >> On Wed, 2001-10-17 at 14:34, Mike Barcroft wrote: >> > No, but enough installations require a www pseudo-user to make this >> > change worthwhile. >> >> Why can't that user be created as needed? I already have an "apache" >> user and group on my web servers - I create them when I install Apache. >> I also have users on various machines for PostgreSQL, Cyrus, GDM, >> NetSaint, MySQL, Courier, Gale, and Minivend, among others. But I don't >> suggest that my needs should be added to the FreeBSD base system. > > The aformentioned software packages would be candidates for specific > user accounts in the base system if there was enough of a userbase to > justify their inclusion. > >> What's special about "www"? (Apart from being a horrible >> unpronounceable word that's bugged me since it first appeared.) > > It's a somewhat generic username that's applicable to most web > servers. It's not in the base system. Period. People may already use this uid. In fact, why the number 80? Only the name is important, the number is irrelevant in all honesty. The port should just pick an unused uid and gid during it's install, adn this is the _port_'s job to create this user. Having a util in the base system (gee, we have pw already) to create the user and group in a standard fashion that ports can use is fine, but we don't need to add users for things that aren't in the base system. Also, which user a local admin uses for their daemons is a lcoal policy decision. FreeBSD should not be setting that policy. I can see the arguments for having each server run under its own dedicated user to isolate services from each other in the case of a compromise, but this is a local policy decision, not something FreeBSD should cram down people's throats. I request that the www user and group be backed out. If we had a web server in the base system, this might be different (like the bind user and the presently non-existent but potential sendmail/smtp/mail user), but since web servers are currently all in ports, the ports install is where the user add belongs. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message