|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: UIDS < 0?
Pug (pug
arlut.utexas.edu)Sun, 23 Oct 1994 09:26:04 -0600 (CDT)
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Chris Swanson: "Re: Another request for passwords"
- Previous message: Justin J. Lister: "Re: Another request for passwords"
- In reply to: Rich Holland: "UIDS < 0?"
> At LISA VIII, someone in the Automounter BOF brought up the fact (I
> don't recall why) that under AIX, if your 'nobody' userid was greater
> than 65-thousand-something, it would wrap (due to the limitation of a
> longint uid field and 32-bit userids). This didn't seem like a big deal,
> except that they also said that by having negative userids, there were
> big security holes opened up. Anyone know what these are? I've been
> playing with a nobody with a uid of 70000, and haven't found anything...
As I remember the AIX nfs bug (as well as some other vendors I
believe), if you have a UID that has the lower 32-bit field set to 0,
you had a problem. This means that despite what your account started
at, it equated it as root.
Ciao,
--
Richard Bainter Mundanely | System Analyst - OMG/CSD
Pug Generally | Applied Research Labs - U.Texas
pugarlut.utexas.edu | pugbga.com
Note: The views may not reflect my employers, or even my own for that matter.
- Next message: Chris Swanson: "Re: Another request for passwords"
- Previous message: Justin J. Lister: "Re: Another request for passwords"
- In reply to: Rich Holland: "UIDS < 0?"