[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Question about userdel/groupdel usage in uninstall scripts



Hi folks.

And another question for the next meeting, this time about the use of userdel and groupdel in scripts after removal of a package.

I suspect for users/groups in the 1-100 uid/gid range this is not a problem, but removing any users or groups that were added without a specific uid or gid can be a security issue as those ids might get reused for accounts that were added later.

Fedora Core doesn't contain any bad cases, but i've already spotted a few ones in Fedora Extras.

So for a Package Review and Guideline that might be something we want to take a look at for new packages or (if we ever do that) for a FC-Extras review.

Read ya, Phil

--
Philipp Knirsch      | Tel.:  +49-711-96437-470
Development          | Fax.:  +49-711-96437-111
Red Hat GmbH         | Email: Phil Knirsch <phil redhat de>
Hauptstaetterstr. 58 | Web:   http://www.redhat.de/
D-70178 Stuttgart
Motd:  You're only jealous cos the little penguins are talking to me.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]