Date: Tue, 01 May 2001 06:56:56 +0900
From: Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp>
To: sheldonh@uunet.co.za
Cc: Yoshihiro.Koya@math.yokohama-cu.ac.jp, freebsd-current@freebsd.org
Subject: Re: A question about max_uid
Message-ID: <20010501065656R.koya@math.yokohama-cu.ac.jp>
In-Reply-To: <12411.988616150@axl.fw.uunet.co.za>
References: <20010427001555G.koya@pluto.math.yokohama-cu.ac.jp> <12411.988616150@axl.fw.uunet.co.za>

Hello,

From: Sheldon Hearn <sheldonh@uunet.co.za>
Subject: Re: A question about max_uid
Date: Mon, 30 Apr 2001 09:35:50 +0200

> On Fri, 27 Apr 2001 00:15:55 +0900, Yoshihiro Koya wrote:
>
> > Currently, I have nobody (uid = 65534) account as a default account on
> > my box. It might be easy to guess that the maximum is greater than
> > 65533. My question is why such a restriction still remains.
>
> From what I remember from my communication with Bruce Evans, the
> "restrictions" (mostly unenforced) in our tree are there to protect old
> software compiled to use 16-bit UID values. By allowing unsigned 32-bit
> UID values in the system, you open the door for problems with software
> that uses smaller UID values.

Thanks for your reply.

The following is extracted from /usr/src/usr.bin/chpass/field.c

> /* ARGSUSED */
> int
> p_uid(p, pw, ep)
>         char *p;
>         struct passwd *pw;
>         ENTRY *ep;
> {
>         uid_t id;
>         char *np;
>
>         if (!*p) {
>                 warnx("empty uid field");
>                 return (1);
>         }
>         if (!isdigit(*p)) {
>                 warnx("illegal uid");
>                 return (1);
>         }
>         errno = 0;
>         id = strtoul(p, &np, 10);
>         if (*np || (id == ULONG_MAX && errno == ERANGE)) {
>                 warnx("illegal uid");
>                 return (1);
>         }
>         pw->pw_uid = id;
>         return (0);
> }

The system already seems to allow the use of a 32-bit UID. Indeed, I can add
a user with UID = 2147483647 = 0x7fffffff.

# chpass foo
/etc/pw.6mhYUR: 15 lines, 294 characters.
chpass: 2147483647 > recommended max uid value (65535)
chpass: updating the database...
pwd_mkdb: 2147483647 > recommended max uid value (65535)
chpass: done
# cat /etc/passwd | grep foo
foo:*:2147483647:20:some user:/tmp:/bin/csh

BTW, I would like to point out that the chpass command or the pwd_mkdb
command showed some strange behaviour, as follows:

# chpass foo
(I change the user foo's uid to 4294967295 = 0xffffffff here.)
/etc/pw.qVOUaT: 15 lines, 294 characters.
chpass: -1 > recommended max uid value (65535)
chpass: updating the database...
pwd_mkdb: -1 > recommended max uid value (65535)
chpass: done
# cat /etc/passwd | grep foo
foo:*:4294967295:20:some user:/tmp:/bin/csh
# cat /etc/master.passwd | grep foo
foo:*:-1:20::0:0:some user:/tmp:/bin/csh

It might be better to fix this if possible. A user with a minus UID has
potential problems, and commands that allow such a minus uid are obviously
wrong.

Added to this, the above pwd_mkdb command tells me that the recommended
max uid value is 65535, which is a 16-bit UID, and this value 65535
differs from the restricted value of the pw command. It might be better to
unify such a recommended UID value on the system.

Finally, I would like to mention the system on which I made the above
tests. The system is

FreeBSD vaio.my.domain 5.0-20010112-SNAP FreeBSD 5.0-20010112-SNAP #4:
Mon Feb 26 15:32:20 JST 2001
root@vaio.my.domain:/usr/src/sys/compile/vaio i386

That system is somewhat old. But I guess that the current source code of
pw, chpass and pwd_mkdb isn't so far from that on my system, maybe.
I cannot check the latest sources now because I'm travelling.

Thanks for your reading.

koya

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
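
An added example, not part of the original message and not FreeBSD's code: one way the range check in the quoted p_uid() could be tightened so that 4294967295, which the message shows being accepted and stored as -1 in master.passwd, is refused before the value is narrowed to uid_t. The name parse_uid and the sample inputs are hypothetical, and the code assumes an unsigned uid_t (32 bits wide for the sample values).

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/*
 * parse_uid() is a hypothetical helper, not FreeBSD code. It assumes an
 * unsigned uid_t. Returns 0 and stores the uid on success, -1 on bad input.
 */
int
parse_uid(const char *p, uid_t *out)
{
	unsigned long long v;
	char *end;

	if (p == NULL || !isdigit((unsigned char)*p))
		return (-1);	/* empty, signed ("-1") or non-numeric */
	errno = 0;
	v = strtoull(p, &end, 10);
	if (*end != '\0' || errno == ERANGE)
		return (-1);	/* trailing junk or overflow of the wide type */
	/*
	 * Range-check in the wide type before narrowing. (uid_t)-1 is also
	 * refused: chown(2) and setreuid(2) read it as "leave unchanged".
	 */
	if (v >= (unsigned long long)(uid_t)-1)
		return (-1);
	*out = (uid_t)v;
	return (0);
}

int
main(void)
{
	/* Constructed inputs; the first three are the values in the message. */
	const char *samples[] = { "65534", "2147483647", "4294967295",
	    "4294967296", "-1", "12x", "" };
	uid_t uid;
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		if (parse_uid(samples[i], &uid) == 0)
			printf("%-12s accepted as uid %lu\n", samples[i],
			    (unsigned long)uid);
		else
			printf("%-12s rejected\n", samples[i]);
	}
	return (0);
}
```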