On Thu, 2007-06-14 at 17:25 +0200, Axel Thimm wrote:
On Thu, Jun 14, 2007 at 08:40:16AM -0500, Tom spot Callaway wrote:
> On Thu, 2007-06-14 at 10:19 +0200, Axel Thimm wrote:
> > On Wed, Jun 13, 2007 at 11:45:27PM -0500, Tom spot Callaway wrote:
> > > I'm not quite sure I'm ready to bring this to the FPC for a vote,
> > > I've been working on a modified version of Ville's draft:
> > >
> > > http://fedoraproject.org/wiki/TomCallaway/UsersAndGroupsDraft
> > >
> > > While this is more complicated, I think it more adequately covers the
> > > corner cases of adding users and groups. Thoughts?
> > It is far too complicated, Ville's version did the job already quite
> > well. You're also introducing non-standard tools again. :/
> Not really. The tools I introduced are helper scripts.
> Ville's draft only created the user/group if it didn't exist, and if
> not, didn't, but left the files owned as that user/group. That security
> issue concerns me.
Yes, but the proposed complicated apparatus does not justify
this. Better to have %pre fail then and deal with the transaction
mess. After all how often will a sysadmin have created a non-system
user "amanda" (and accidentially install amanda w/o remembeing that he
had such a user)?
Axel, you couldn't choose a worst example :)
Amanda is also a real name (female in Italy), so it is plausible that
you have such user in your system.
It is also entirely possible that the admin does not know that such user
exists as users may come from ldap,nis,winbindd and not created by such
admin but by someone else.
I think at least a check to see if the "amanda" user is < 1000 would
make a lot of sense.