[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#510635: glibc: 32 bits uid/gid overflow

Package: libc6
Version: 2.7-16
Severity: normal
File: glibc


Hi,

I was working on setting nss-pgsql on my system when I discovered this bug.
It seems that uid/gid use 32 bits integer and if a uid/gid is set bigger than (2^32)-1,
their is an overflow.

For example I have done this:

# echo "toto:x:4294967296:4294967296:Fake root:/home/linus:/bin/bash" >> /etc/passwd

The result is:

# id toto
uid=0(root) gid=0(root) groupes=0(root)

This could be a security break...


-- System Information:
Debian Release: 5.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libc6 depends on:
ii  libgcc1                       1:4.3.2-1  GCC support library

libc6 recommends no packages.

Versions of packages libc6 suggests:
pn  glibc-doc                     <none>     (no description available)
ii  locales                       2.7-16     GNU C Library: National Language (

-- debconf information:
  glibc/upgrade: true
  glibc/restart-failed:
  glibc/restart-services:
Reply to: