[Adduser-devel] Bug#402288: adduser allows UIDs < 100
Tuukka Hastrup
Tuukka.Hastrup at iki.fi
Sat Dec 9 12:35:45 CET 2006
Package: adduser
Version: 3.100
According to the policy, UIDs and GIDs less than 100 are the same on all
Debian systems and come from the base-passwd package. The adduser man page
says adduser and addgroup "are friendlier front ends to tools like
useradd, groupadd and usermod programs, choosing Debian policy conformant
UID and GID values --." However, the programs don't enforce this policy
item or remind about it in the documentation.
The consequences of this bug in the worst case are the consequences of
having non-conformant IDs on the system. Those in turn depend on the
assumptions made based on the policy item.
I propose the following changes:
1. When adduser or addgroup is going to add an id < 100, it prints a
warning message about policy to stderr: "Warning! According to Debian
Policy, system administators shouldn't create UIDs < 100."
2. The adduser man page excerpt says "by default choosing" instead of
"choosing".
3. /etc/adduser.conf and the adduser.conf man page include in their
documentation of FIRST_SYSTEM_UID the note: "Please note that system
software may assume that UIDs less than 100 are unallocated."
--
-- Trying to catch me? Just follow up my Electric Fingerprints
-- To help you: Tuukka.Hastrup at iki.fi
http://www.iki.fi/Tuukka.Hastrup/
More information about the Adduser-devel
mailing list