Bugtraq mailing list archives
Re: UIDS < 0?
From: pug () arlut utexas edu (Pug)
Date: Sun, 23 Oct 1994 09:26:04 -0600 (CDT)
At LISA VIII, someone in the Automounter BOF brought up the fact (I don't recall why) that under AIX, if your 'nobody' userid was greater than 65-thousand-something, it would wrap (due to the limitation of a longint uid field and 32-bit userids). This didn't seem like a big deal, except that they also said that by having negative userids, there were big security holes opened up. Anyone know what these are? I've been playing with a nobody with a uid of 70000, and haven't found anything...
As I remember the AIX nfs bug (as well as some other vendors I believe), if you have a UID that has the lower 32-bit field set to 0, you had a problem. This means that despite what your account started at, it equated it as root. Ciao, -- Richard Bainter Mundanely | System Analyst - OMG/CSD Pug Generally | Applied Research Labs - U.Texas pug () arlut utexas edu | pug () bga com Note: The views may not reflect my employers, or even my own for that matter.
Current thread:
- UIDS < 0? Rich Holland (Oct 22)
- Re: UIDS < 0? Pug (Oct 23)