[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: recent etch upgrade... sashroot (uid=0) started to impersonate uid=0 (root)

On Thu, Feb 15, 2007 at 03:47:53PM +0000, Ian Jackson wrote:
> Steve Langasek writes ("Re: recent etch upgrade... sashroot (uid=0) started to impersonate uid=0 (root)"):
> > Again, I believe the behavior is not a bug because the behavior of
> > getpwuid() when two users share the same uid is undefined.

> Where is the format of /etc/passwd standardised, so that we can see
> what that says about the meaning of entries with identical uids ?

I'm not aware that it is.  But getpwuid() certainly is standardized.
http://www.opengroup.org/onlinepubs/009695399/functions/getpwuid.html, for
example, doesn't say anything about how getpwuid() is required to resolve
uid conflicts in the password database.  That makes it "undefined" in my

The behavior of most getpwuid() implementations that act on /etc/passwd is
*predictable*, but AFAIK not standardized.

> > This behavior is related to other nscd issues in the past that /were/ bugs

> It seems to me that nscd is buggy in that it fails to preserve the
> long-established de-facto standard behaviour for getpwuid.

The de-facto standard that's violated by nss_ldap, nss_nisplus, nss_hesiod,
nss_db, and any other backend that doesn't use an ordered flatfile for its
data storage?

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Reply to: