On 2024/08/15 00:57:31 +0100, Stuart Henderson <s...@spacehopper.org> wrote: > I'd use pretty much any other old uid than _nginx as that's one of the more > common ports to install. Just looking at spare numbers showing in the diff, > 594/596 are way less common so fewer people will need to mess about with > rmuser.
_nginx is actually the oldest one, Feb 2012, followed by apache-http in Jul 2015. But I get your point, I was a bit worried too. I'll get 665 then, used by audio/hgd and removed in august 2016. > We need to jump to another uid range quite a way before 1000 (running > backwards 999 998 etc for 'special' users is quite common) but last time I > asked nobody could agree on a new range that didn't cause problems. Would > be handy if they didn't need to be fixed per port (at least for those parts > that don't need specific numbers). I agree it would be interesting to at least have some users dynamic, not all users we create in ports have to own files, so that could maybe free uids a bit. > Agreed on pledge/unveil, they at least make review much more difficult. > Showing a list of libc functions called (nm -s) and mapping to pledges made > might help. Probably easier to do post import.
