On Fri, May 30, 2008 at 09:10:29AM +0200, [EMAIL PROTECTED] wrote: > > Creating an user-account and changing the UID via vipw to "4294967296" > (Which is 2^32) results in an overflow and the user gets the UID=0, > an UID of "4294967297" leads to an UID=1 and so on. > > $ grep test /etc/passwd > test:x:4294967296:5000:,,,:/home/test:/bin/bash > > $ su - test > Password: > [EMAIL PROTECTED]:~# id > uid=0(root) gid=5000(test) groups=5000(test)
The bad news is that I can't reproduce this on i386. Thus I will have to ask you questions. If you create a file when logged in as user test (with su), does the file belongs to root or to test? In fact, I wonder if it is not a bug in id, which cast all the UIDs and GIDs to (unsigned long int). Also, are you able to compile some source on that box. I would be interested by having the output of: #include <sys/types.h> #include <pwd.h> #include <stdio.h> void main (void) { struct passwd *pwd = getpwnam ("test"); printf ("test's UID: %llu\n", pwd->pw_uid); } It does not need to be run or compiled as user test, but the user test should be present in /etc/passwd. Last but not least, I do not recommend using these UIDs since it will trigger bugs (in shadow or other softwares). UID below 2^32 should be safe on all architectures. (This is not a reason for not fixing these bugs, but it is a good reason for administrators not to use these UIDs) Best Regards, -- Nekral -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]