From owner-freebsd-ports@FreeBSD.ORG Sat May 22 22:54:44 2010 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C745E1065670 for ; Sat, 22 May 2010 22:54:44 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-ww0-f54.google.com (mail-ww0-f54.google.com [74.125.82.54]) by mx1.freebsd.org (Postfix) with ESMTP id 87DE08FC08 for ; Sat, 22 May 2010 22:54:42 +0000 (UTC) Received: by wwb18 with SMTP id 18so1727961wwb.13 for ; Sat, 22 May 2010 15:54:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=h7ePzYV+CPPZpPbv8FfyQy0s3uql0z9ymOecRdYJORI=; b=UuugHUO6msVz0PniiViobECjRxVAN5Vpz8Y9PphDP2EyEEk61MzYmbtIailNbY+NFE xyGLcifQbWDIn18mnbZFFOK4l+ys0qVmLtJKbBYPVdZKk1CQiDMqg4LiZdbJKkhCzA90 SAygJ4bwkZPa8zQyOQLlW+0KQrUai6mRgqyYY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=tNTbr4NWn1vBbEFBJP3nR6cI7/6r/F+BFd5gpzGi8XrU/9rFS4R1cpWhXntzwQX5ty yV7ILu8vE6lL/3bmuVCqjcZtiHb/CSU52O3OQqlh+QgKHrBFFs95ykWOf54Bp8hGYnI7 1POeFIEos/5skdTxZIqwWBHG43VhsgzgqhZfI= Received: by 10.216.87.143 with SMTP id y15mr2011575wee.104.1274568881043; Sat, 22 May 2010 15:54:41 -0700 (PDT) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id 16sm1172759ewy.3.2010.05.22.15.54.36 (version=SSLv3 cipher=RC4-MD5); Sat, 22 May 2010 15:54:40 -0700 (PDT) Date: Sat, 22 May 2010 23:54:25 +0100 From: RW To: ports@freebsd.org Message-ID: <20100522235425.1ab2c504@gumby.homeunix.com> In-Reply-To: <4BF7FB7D.1010501@dataix.net> References: <20100522005313.26dcfbdb@gumby.homeunix.com> <4BF787E2.9010907@dataix.net> <20100522120815.063975ae@gumby.homeunix.com> <4BF7C6EE.3010001@dataix.net> <20100522134212.3d5447a8@gumby.homeunix.com> <4BF7FB7D.1010501@dataix.net> X-Mailer: Claws Mail 3.7.6 (GTK+ 2.20.1; i386-portbld-freebsd8.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: Subject: Re: Users and groups kept after a port deinstallation X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 May 2010 22:54:44 -0000 On Sat, 22 May 2010 11:42:53 -0400 jhell wrote: > >>>> Having unused logins on a system is bad! > >>> > >>> Why? > >> > >> For one example: > >> This opens up a point of possible access to the system in which its > >> integrity could be jeopardized. What all the implications are of > >> this is out of scope for this thread. > > > > These are unprivileged accounts without passwords - you need root > > privileges to use them. Nothing is going to be running under them or > > they wouldn't be candidates for removal in the first place. > > Are we arguing the point that these should just be left or can we come > to a point like I stated in the previous email that you so gracefully > chopped out that stated: If they are to be left in the system a admin > should be notified or they should be automatically removed upon > package removal. If there are no security concerns, the rest is just a bike shed > This is more of a best practices case than what the implications of > leaving users in the master.passwd are. > Why is it best practice? Why add extra complexity to solve a problem that doesn't actually exist?