[Pkg-shadow-devel] UID == (uid_t)-1

Nicolas François nicolas.francois at centraliens.net
Tue Feb 24 23:41:19 UTC 2009


On Tue, Feb 24, 2009 at 10:49:05AM -0500, vapier at gentoo.org wrote:
> On Tuesday 24 February 2009 10:29:28 Peter Vrabec wrote:
> > what do you think about this patch? I'm afraid uid = -1 should not be
> > allowed. It's a problem for chown at least.
> 
> to be clear, we're talking about the behavior the POSIX set of chown() 
> functions require, not so much the chown binary ... although the former 
> implies the same behavior in the latter ...
> 
> having shadow reject attempts to utilize uid of -1 sounds sane to me

No problem with me either.

I will forbid the creation of a user (resp. group) whose ID evaluates as
(uid_t)-1 (resp. (gid_t)-1).
(This impacts useradd, usermod, newusers, groupadd, groupmod, pwconv,
pwunconv, grpconv, grpunconv, vipw)

I will also add a check in pwck and grpck.

However, I will still support UID and GID set to -1 if this user or group
already exists.
(e.g. using chage, gpasswd, passwd, userdel, lastlog, faillog, etc.)

Best Regards,
-- 
Nekral
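
An added example, not part of the original message and not shadow's code: a sketch of the check discussed above, next to the chown() behavior that motivates it. The names `parse_uid` and `chown_minus_one_is_noop` and the temp-file path are hypothetical; the "4294967295" case assumes a 32-bit unsigned uid_t, as on Linux.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not shadow's code: parse a decimal ID string.
 * Returns 0 and stores the ID; -1 if malformed or out of range;
 * -2 if the value evaluates as the reserved (uid_t)-1. */
int parse_uid(const char *s, uid_t *out)
{
    char *end;
    long long v;
    uid_t id;

    errno = 0;
    v = strtoll(s, &end, 10);
    if (end == s || *end != '\0' || errno == ERANGE)
        return -1;
    id = (uid_t)v;
    if (id == (uid_t)-1)              /* "-1", or "4294967295" with 32-bit uid_t */
        return -2;
    if (v < 0 || (long long)id != v)  /* negative, or wider than uid_t */
        return -1;
    *out = id;
    return 0;
}

/* Why the value is reserved: the chown() family treats (uid_t)-1 and
 * (gid_t)-1 as "leave this ID unchanged", so a file cannot be given to
 * such an account. Returns 1 if ownership is unchanged after the call,
 * 0 if it changed, -1 on error. Works on a constructed temp file. */
int chown_minus_one_is_noop(void)
{
    char path[] = "/tmp/uidcheckXXXXXX";
    struct stat before, after;
    int fd = mkstemp(path), rc = -1;

    if (fd < 0)
        return -1;
    if (fstat(fd, &before) == 0 &&
        fchown(fd, (uid_t)-1, (gid_t)-1) == 0 &&
        fstat(fd, &after) == 0)
        rc = (before.st_uid == after.st_uid && before.st_gid == after.st_gid);
    close(fd);
    unlink(path);
    return rc;
}
```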


