From owner-cvs-all  Wed Oct 17  8:35:30 2001
Delivered-To: cvs-all@freebsd.org
Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224])
	by hub.freebsd.org (Postfix) with ESMTP
	id C818437B405; Wed, 17 Oct 2001 08:35:13 -0700 (PDT)
Received: from aldan.algebra.com (localhost [127.0.0.1])
	by aldan.algebra.com (8.11.6/8.11.5) with ESMTP id f9HFWPZ03294;
	Wed, 17 Oct 2001 11:32:26 -0400 (EDT)
	(envelope-from mi@aldan.algebra.com)
Message-Id: <200110171532.f9HFWPZ03294@aldan.algebra.com>
Date: Wed, 17 Oct 2001 11:32:22 -0400 (EDT)
From: Mikhail Teterin <mi@aldan.algebra.com>
Subject: Re: cvs commit: src/etc group master.passwd
To: rwatson@FreeBSD.org
Cc: ache@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
In-Reply-To: <Pine.NEB.3.96L.1011017100858.30170B-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/plain; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

On 17 Oct, Robert Watson wrote:
> This is  good to see --  the whole nobody:nobody thing  has worried me
> for a while,  as it's used by  a number of daemons to  create a shared
> sandbox, and a  failure of one daemon  can lead to the  failure of all
> others,  as  well  as  potential  privilege  escalation  due  to  poor
> sandboxing techniques by any of those daemons.

My few pennies :) First, there are plenty of other nobody:nogroup pieces
running. Squid,  for example  and it owns  A LOT of  files on  a typical
installation.

Second, may be, it is time to start thinking about some sort of a bridge
between  the  /etc/services  and  /etc/passwd*.  So,  that  each  daemon
providing  a service  is  (or can  easily be  made)  running under  that
special user name and a (somehow derived) id. Very futuristic :)

Third,  I don't  think the  Apache  port needs  to install  the user  on
systems,  which don't  have  it  already. If  they  already have  Apache
installed (previous version),  there will be plenty of work  for them to
do anyway -- manually setting the permissions. It would be better, IMHO,
if Apache did start  for them at all (with the  uknown user error), than
if it started,  but began failing on _some_ pages.  The port should just
warn them, I think.

-- 
                         |\__-----__/|
                    _____/ :::::  :::\_____  
                   '__--( ::::::::..::)--__`	-mi
If you have a      /  _- \/  :::::::\/ -_  
serious knowledge    /   / :.   .::::\   \
about computers --      | ::::::::::::|  	Ok, let's say you broke 
keep it in a secret!   _|/ ::::____::\|_	the wall with your head
"Rules of dating",   /  /:::::/:_::\::\:.\      What are you going to
'Playboy', ? 1994   | :|  ..:(_/ \::|::|::|	do in the next cell?
                    | :|:::::. ::|: |::|.:|	      Stanislaw J. Lec
                     \ |::  :::_/::/: :|:/
                   ((___\____\____/___/___))



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message