From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6966F158086 for ; Sun, 28 Nov 2021 10:06:49 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9512F2BC06E; Sun, 28 Nov 2021 10:06:45 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id BEAAE2BC03B for ; Sun, 28 Nov 2021 10:06:44 +0000 (UTC) From: Ulrich Mueller To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Don't use UIDs and GIDs below 100 without QA approval In-Reply-To: (William Hubbs's message of "Sat, 27 Nov 2021 22:13:43 -0600") References: <0890a89e-2d43-8889-6bbb-decad15b0a2e@gentoo.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) Date: Sun, 28 Nov 2021 11:06:36 +0100 Message-ID: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Archives-Salt: 53fd1b56-0fb3-4b61-a7d5-cb704f18cfc9 X-Archives-Hash: c454dedad12f9aae5c9161bc604dfbb4 --=-=-= Content-Type: text/plain >>>>> On Sun, 28 Nov 2021, William Hubbs wrote: > On Mon, Nov 15, 2021 at 09:36:32AM +0300, Eray Aslan wrote: >> 1/ Static allocation does not really solve a problem. Not really not >> nowadays >> 2/ We cant keep adding new IDs to a distribution as new software gets >> added - one side is unbounded. This is losing game. Not sure. In practice, the number of packages is limited. (And if the argument was valid, it would apply to dynamic alloction too.) >> Switching back to dynamic allocation seems to be the best option. > I realize I'm very late to this party, but +1 from me also. > We should use dynamic uid/git assignment by default and maybe provide > a way to force certain uids/gids to be constant if users want this. While the rationale for static allocation that made it into GLEP 81 [1] is rather weak, several people had argued in favour of it on the mailing list [2]. In any case, let's cross that bridge when we reach it. For now, we're good with 250 additional IDs. Ulrich [1] https://www.gentoo.org/glep/glep-0081.html#rationale [2] https://archives.gentoo.org/gentoo-dev/message/33903763d46d193a25e4c03c4851bfc3 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFDBAEBCAAtFiEEtDnZ1O9xIP68rzDbUYgzUIhBXi4FAmGjVKwPHHVsbUBnZW50 b28ub3JnAAoJEFGIM1CIQV4uvyoH/3+eXpwczs3u/4lLYLV+TFIet8Cv75n0kmQT g0tKGjNoYpnTQVIj+FqrinTJqJ7ulg39sYnZ1XLD/xiivBm2hpJmxM/acXCGlLPZ SnAofNRL3gjkJ11nis3oQ5ZefSJRgLXYE3mwsUfilY6W4VtFGizLDNeJBZWkKQQF /YbeWzIM9j2cTbKGUuQ9+NmTxVMrn7hKWcCXWLa7Udoh7/2Bj8P0MrOoosb3ZeY/ O5kokivZXbOmLQr+R5txkHPYfmMNpaNRcaVKNNxFQR69b55DynLVZ8dGPFDkrVDD dV30NGv4174MP+2MiqYHDQNn7E0Sz9F2GnBNtQI3lrs4Y2QQFTw= =3d1s -----END PGP SIGNATURE----- --=-=-=--