From owner-freebsd-security Wed Oct 13 15:17:48 1999 Delivered-To: freebsd-security@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id DF74514C9A for ; Wed, 13 Oct 1999 15:17:33 -0700 (PDT) (envelope-from robert@cyrus.watson.org) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id RAA27018; Wed, 13 Oct 1999 17:14:01 -0400 (EDT) (envelope-from robert@cyrus.watson.org) Date: Wed, 13 Oct 1999 17:14:01 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org Reply-To: Robert Watson To: James Wyatt Cc: Greg Lewis , freebsd-security@freebsd.org Subject: Re: FreeSSH In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 13 Oct 1999, James Wyatt wrote: > On Wed, 13 Oct 1999, Greg Lewis wrote: > > In the interests of minimising bloat we could balance its inclusion by > > deleting something like, say, uucp. > > (:-) for the uucps users) > > As another heavy UUCP user on several machine here (and owner of CD sets > for 2.26/2.28/3.2/3.3/etc...) I wouldn't mind a wel-done package if it > still used /etc/uucp and added the UUCP user. I also would not mind it > being another optinal binset on the install. This actually raises another issue that is relevant to the packages/ports/etc system--the addition of new users for services. Some services (uucp, bind, postgres, www, etc..) require new services be added to the system. Some consistency in the allocation of uid's, and a formal policy for which uid's should be used might be nice :-). Maybe one exists and I have missed it... But adding users is clearly relevant to a system security policy. Removing users is also relevant--right now many ports that require user modification don't get packages, perhaps for this reason. But if more of the world uses packages, it would be nice to know if, say, pkg_add will overwrite a current user, or end up with a uid that already owns some files, and that pkg_delete would or would not remove the user in a consistent and complete way. Right now we encourage the use of uid's over 1000 for new users, but documenting this would be a good idea "local users SHOULD be given a unique uid >= 1000 -- values less than 1000 are reserved for built-in accounts, and for add-on packages" or the like. For the purposes of NFS, it seems desirable that when a package is installed, it use the same uid consistently? I'm not sure the correct course of action is clear in my mind, but whatever it is, it is certainly security-relevant. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message