Date:      Mon, 17 Feb 2020 15:56:51 +0300
From:      Anthony Pankov <ap00@mail.ru>
To:        Igor Mozolevsky <igor@hybrid-lab.co.uk>
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: is there a future for user accounting (getpw* replacement)
Message-ID:  <419974027.20200217155651@mail.ru>
In-Reply-To: <CADWvR2hG_gWYK=HZsDf5XRR%2BHq2%2B9c-KeUP3Cj0H4ZQOzRpPyw@mail.gmail.com>
References:  <661730512.20200217141432@mail.ru>  <CADWvR2hG_gWYK=HZsDf5XRR%2BHq2%2B9c-KeUP3Cj0H4ZQOzRpPyw@mail.gmail.com>

Hello, Igor.

You wrote on 17 February 2020, 15:01:14:

> On Mon, 17 Feb 2020 at 11:15, Anthony Pankov via freebsd-hackers
> <freebsd-hackers@freebsd.org> wrote:
>>
>> Greetings,
>>
>> I'm wondering whether anybody has any thoughts about user accounting
>> provided at the system level?
>>
>> It seems that getpw* doesn't suit the needs of application services.
>> All applications have some external/internal mechanism for storing and
>> retrieving user properties (settings, roles etc). Furthermore they
>> implement their own security policy based on this mechanism.
>>
>> Mostly it is done via LDAP connection or internal store (as for database).
>>
>> It seems that all application developers will be happier if the OS
>> has a few functions to do things such as:
>> - list users of some type;
>> - get user properties specific to an application;
>> - get user roles specific to an application;
>> - ?
>>
>> Does anybody have thoughts about what the OS must provide to keep
>> application consistency and make developers happier?

> I think it's dangerous to conflate *application* users with *system*
> users, why would you want to do that in the first place?

That is the question!

First of all, I think there was no technical opportunity to conflate
application and system users, at least because uid_t is 65535 max and
there is a lack of custom user properties.

I can note some cons of splitting *application* and *system* users:

- users of one application are not users of another application by
design. Applications are hard to integrate (yes, there is LDAP but...);

- each application has its own accounting implementation, which enlarges
the attack surface. Furthermore, application developers do not really want
to implement any user accounting parts because it is far away from
application functioning. As a result it is usually implemented
"somehow".

- application users are out of system control. There are system
users, application users, and daemons. It seems there is no
chance to do the thing really right in terms of access control
of the entire system (OS + applications).

- etc.


-- 
Regards,
 Anthony                          mailto:ap00@mail.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?419974027.20200217155651>