installation of cdrecord needs an user "bin"

Fernando Arbeiza arbeizaf at ono.com
Thu Oct 4 09:10:12 PDT 2001


On Thu 04 Oct 2001 17:22, J.A. Neitzel wrote:
>
> Personally, I would take this with a big grain of salt. Standards are
> good; I don't mean to dispute that. It's just that the pseudo-user, bin,
> and the corresponding group, bin, are really not for administrative
> purposes. It is not really a user who should accept logins. In fact,
> if you have this user (I do), logins should be forbidden and disabled
> completely.
>
> I might be wrong in some of my explanation here, but user bin was
> thought to be a good security thing. Basically, a great many of the
> executables that don't need special access (setuid to root) don't
> really need to be owned by root either.
>
> Somewhere along the line, user bin was thought to be good. All of this
> pertains to UNIX, not only Linux. You can read all about many of these
> things in "The Red Book".

Thanks a lot for the explanation. I will try to get that book (from the 
library, I hope) and read about that (learning myself, instead of bothering 
you  ;-)  ).

> Do you want user bin on your system? Your decision, but you sure don't
> want to allow any logins on that account if you do...
>
> ==== /etc/passwd ====
> bin:x:1:1:bin:/dev/null:/bin/false

I have just created the user bin the way you told me. For the moment, only 
cdrecord and mkisofs are owned by that user. Let's see if any other program 
needs that user.

Thanks again,

Fernando Arbeiza
Cantabria, Spain
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list