severity 466929 normal thanks On Thu, Feb 21, 2008 at 10:35:27PM +0100, Jiří Paleček wrote: > Package: libuuid1 > Version: 1.40.2-1+lenny1 > Severity: serious > Tags: patch > Justification: Policy 9.2.1 > > according to the policy, UIDs and GIDs in the range 1-100 are reserved to > be globally allocated by the base-passwd package. libuuid1 allocates a > dynamic UID and GID from this range. This is a violation of the policy, and > it means that libuuid's user will be deleted on upgrades of the base-passwd > package.
Actually, adduser and addgroup automatically avoids the range 1-99, even if UID_MIN and/or GID_MIN is set to 1. It's better for script clarity set UID_MIN to 100, but it doesn't actually result in a behavioural change. Still it's good to fix this; it just doesn't warrant a severity of SERIOUS. - Ted