Control: tags -1 - security - confirmed + wontfix
thanks
On Wed, Nov 14, 2012 at 12:36:18PM +0100, Wessel Dankers wrote:
> However, multiple (system) accounts sharing a common group is not good
> from a security standpoint. It gives unrelated processes access to each
> other's files and other resources.
/usr/share/doc/base-passwd/users-and-groups.txt.gz says:
Daemons that need not own any files sometimes run as
user nobody and group nogroup, although using a
dedicated user is far preferable. Thus, no files on a
system should be owned by this user or group.
That being said I think that adduser does the right thing.
I am ready to be convinced, but for the time being this is a wontfix.
Greetings
Marc
