Heyho,
Quentin Rameau wrote:
> > > Just a question though, do we need to set a group to drop privileges
> > > to? Wouldn't getting the gid out of the user name sufficient?
> >
> > why cut the flexibility there?
> It looks more simple to me to just give a user to drop privileges to.
> A user always has a group attached to it, I guess if you setup a user
> to give out all privileges, the corresponding group will be the same.
> I'm not against having it, just raising the question as imho it
> introduces (relative) configuration complexity rather than flexibility.
I think its not much of a complexity to specify the group as well and also is
more explicit than implicitly using the users default group (which might have
some surprises).
> Again I'm not really against that, just asking for some opinions.
> I've got yours!
I don't have a clear opinion on the nogroup vs. nobody matter, but since it is
just a default and can easily be changed I just merged the patch for now (I hope
I got the correct version). If somebody[0] gives a good argument, we'll just
change the default.
Thanks for the contribution, FRIGN.
--Markus
0:
http://www.corsinet.com/braincandy/hlife.html
Received on Thu Sep 08 2016 - 23:46:46 CEST