Received: from nc-smtp2.sdv.fr (nc-smtp2.sdv.fr [212.95.69.92])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id A99A9780EDC
	for <~alpine/devel@lists.alpinelinux.org>; Sun, 19 Jun 2022 22:40:07 +0000 (UTC)
Received: from skarnet.org (140.156.124.78.rev.sfr.net [78.124.156.140])
	by nc-smtp2.sdv.fr (Postfix) with SMTP id DDCA3A01C2
	for <~alpine/devel@lists.alpinelinux.org>; Mon, 20 Jun 2022 00:40:06 +0200 (CEST)
Received: (qmail 17057 invoked from network); 20 Jun 2022 00:40:33 +0200
Received: from unknown (HELO ?192.168.0.237?) ()
  by sinay.internal.skarnet.org. with SMTP; 20 Jun 2022 00:40:33 +0200
From: "Laurent Bercot" <ska-devel@skarnet.org>
To: "Konstantin Kulikov" <k.kulikov2@gmail.com>, "Markus Kolb"
 <alpinelinux+develml@tower-net.de>
Subject: Re: Security problem in how you manage users in package installations
Cc: "Alpine Linux devel ML" <~alpine/devel@lists.alpinelinux.org>
Date: Sun, 19 Jun 2022 22:40:07 +0000
Message-Id: <emd244bda9-ca70-4b25-a161-b9f1bec7ecdf@89f6286a.com>
In-Reply-To: <CAD+eXGQuATq8yW=LqSoyj04B=-egzfna_R6+9mOXXiiu+owq_A@mail.gmail.com>
References: <22948c2fba2f4882ac4646501fd6ef3f@tower-net.de>
 <CAD+eXGR0gJH5UbrgE=5qvXaNgsRD+17tueooGdSY1NKPLcVrKw@mail.gmail.com>
 <49d7456930f237457bf7f3f5c50f96e4@tower-net.de>
 <CAD+eXGQuATq8yW=LqSoyj04B=-egzfna_R6+9mOXXiiu+owq_A@mail.gmail.com>
Reply-To: "Laurent Bercot" <ska-devel@skarnet.org>
User-Agent: eM_Client/9.0.1708.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

>Logging in alpine is in a shit state because openrc doesn't really
>implement logging properly.
>There was some talk about replacing it, no idea what state it is currently =
in.

  It's still some time away, but the parts of the replacement that
provide better logging are already available on Alpine and could be
used today. It's not yet the case because devs prefer not mix-and-
matching tools and would rather have the full openrc replacement
before performing the switch.

  I have to say I don't really understand why this discussion has gone
to such depths and with such ramifications.

  The issue seems to be that users can squat user/group names that
conflict with later installations of Alpine packages; my probably
unpopular opinion is that it's *fine*.
  Administrators are root on their machines, they can do whatever they
want, including squatting user and group names. What packagers should do
is document the user and group names that their packages use; Alpine
could aggregate and publish the list, and then defer to administrators
the responsibility of making sure there are no conflicts before
user-defining packages are installed, under penality of risking security
weaknesses.
  Documentation is often better than coercion.

--
  Laurent