Fixed uid space only half full? (was: Fedora User Management (revisited))
Nicolas Mailhot
nicolas.mailhot at laposte.net
Sun Mar 11 08:45:57 UTC 2007
Le dimanche 11 mars 2007 à 01:12 +0100, Axel Thimm a écrit :
> On Sat, Mar 10, 2007 at 05:32:03PM +0100, Nicolas Mailhot wrote:
> > Please can we kill the "fixed UID are useless", [...]
>
> > The *only* problem is this range is full, not that it should or should
> > not exist. Any other argument is not worth the bytes expended on it.
> Maybe some quick review will give us 42 *fixed* uids, and I'm
> sure that's more than enough for the next 1-2 years (e.g. until
> F9/10/RHEL6. And until then we can talk with the LSB to change the
> system fixed/non-fixed uid ranges and prepare a sensitive and
> compliant setup to last for the next decade.
IMHO trying to be smarter at fixed UID attribution is a dead end. We've
been hitting the limit for some years now, and getting smart just didn't
happen. It won't now — it's just too much work to evaluate the threshold
between fixed/dynamic (taking into account past of future versions of a
package, build and configure options, local site usages, etc)
A KISS policy "every rpm-created system ID has a fixed uid referenced in
this table" is the only sane approach. Except for the problem of
short-sighted range limit, UIDs are cheap and not worth spending hours
over.
--
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070311/618bb622/attachment.sig>
More information about the Fedora-maintainers
mailing list