From owner-freebsd-hackers  Sat Jul 31 15:35:18 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7])
	by hub.freebsd.org (Postfix) with ESMTP id 4B87D14DC0
	for <hackers@FreeBSD.ORG>; Sat, 31 Jul 1999 15:35:13 -0700 (PDT)
	(envelope-from archie@whistle.com)
Received: (from archie@localhost)
	by bubba.whistle.com (8.9.2/8.9.2) id PAA64606;
	Sat, 31 Jul 1999 15:34:17 -0700 (PDT)
From: Archie Cobbs <archie@whistle.com>
Message-Id: <199907312234.PAA64606@bubba.whistle.com>
Subject: Re: No MAXUID ?
In-Reply-To: <199907301613.JAA03962@dingo.cdrom.com> from Mike Smith at "Jul 30, 1999 09:13:52 am"
To: mike@smith.net.au (Mike Smith)
Date: Sat, 31 Jul 1999 15:34:17 -0700 (PDT)
Cc: hackers@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mike Smith writes:
> v2 NFS doesn't support UIDs > 65535, and UIDs around that number are 
> magic to it as well.  There are serious security issues here (files 
> will appear to be owned by the wrong user).

Hmm, isn't this a separate bug in itself (unrelated to pwd_mkdb)?
Ie, somewhere in the kernel there should be a check for "UID wrap"
that generates an error if detected. At least on the server; on the
client of course it would be too late.

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message