Re: Orphaned User Accounts?



Quoting Carlos Mennens on 2010-11-02 16:09:41:
I de-select EVERYTHING and after logging in I find:
(snip: list of static static uids from /etc/passwd)

understand why those accounts would appear but why do these accounts
appear in a fresh minimal installation with no trace of their

Is there a way to understand why Debian is configured so by default?
Are there official developers that browse this list that could give
insight to maybe a security reason or any other as to why we have
these 'orphaned' accounts in a fresh / new minimal install?

IANADD, although Policy 9.2.[12] may shed some light on why.

9.2.1 Some user ids (UIDs) and group ids (GIDs) are reserved
globally for use by certain packages. Because some
packages need to include files which are owned by these
users or groups, or need the ids compiled into binaries

9.2.2 0-99:

Globally allocated by the Debian project, the same on
every Debian system. These ids will appear in the passwd
and group files of all Debian systems, new ids in this
range being added automatically as the base-passwd
package is updated.

Packages which need a single statically allocated uid or
gid should use one of these; their maintainers should
ask the base-passwd maintainer for ids.

--
_ Brian Ryans 8B2A 54C4 E275 8CFD 8A7D 5D0B 0AD0 B014 C112 13D0 .
( ) ICQ 43190205 | Mail/Jabber/Yahoo/MSN: BrianLRyans@xxxxxxxxx ..:
X ASCII Ribbon Campaign Against HTML mail and v-cards: asciiribbon.org
/ \ Modern man has an approximately 140-character attention span. -- blr

Attachment: signature.asc
Description: Digital signature



Relevant Pages

  • Re: How to change user / group numbers in passwd/group?
    ... File a bug against those packages. ... a LOT of permissions problems will be created in a fairly large ... find out if there are any files or directories with the IDs: ... you probably will want to chown them to whatever new ID you ...
    (Fedora)
  • List of all IDs
    ... wants to export\import all packages and also have ... It doesn't support automation ... IDs that are used by SCCM?? ...
    (microsoft.public.sms.misc)
  • Re: [Full-disclosure] Suggestion for IDS
    ... >video surveillance camera protects anything. ... packages until cleared by said IDS? ... So what are the IDPS-ses you recommend? ...
    (Full-Disclosure)
  • Re: RPMs in FC13 with wrong or missing release
    ... missing release IDs. ... which is included in FC13. ... There are a lot of such packages and many packages with no release ID at ... release you should file an individual bugzilla entry for (ie evolution ...
    (Fedora)