Package: adduser Version: 3.59 Severity: normal adduser should never use "nogroup" as the group for a user by default. The reason nobody and nogroup exists is so that processes can be sure of having no special access to the file system. For this to work there musn't be anything in the file system with uid/gid set to either. With system users in nogroup it's easy for files to be created with nogroup as their group, and though they usually won't be group writable, it's asking for trouble, with no benefit.
If USERGROUPS is set then system users should get their own unique groups, just like regular users, and for the same reasons. If USERGROUPS isn't set then system users should be put in a group created for just this purpose (perhaps "sysuser"), rather than using nogroup. -- Roderick Schertler [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
