Bug#510635: glibc: 32 bits uid/gid overflow
forcemerge 483645 510635
thanks
On Sat, Jan 03, 2009 at 11:47:34PM +0100, Yannis Aribaud wrote:
> Package: libc6
> Version: 2.7-16
> Severity: normal
> File: glibc
>
>
> Hi,
>
> I was working on setting nss-pgsql on my system when I discovered this bug.
> It seems that uid/gid use a 32-bit integer and if a uid/gid is set bigger than (2^32)-1,
> there is an overflow.
>
> For example I have done this:
>
> # echo "toto:x:4294967296:4294967296:Fake root:/home/linus:/bin/bash" >> /etc/passwd
>
> The result is:
>
> # id toto
> uid=0(root) gid=0(root) groupes=0(root)
>
> This could be a security break...
While I agree this bug should be fixed, I don't believe it is a security
break, given that no tools allow such values to be written to
/etc/passwd.
--
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' aurel32@debian.org | aurelien@aurel32.net
`- people.debian.org/~aurel32 | www.aurel32.net
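
The check below is an added example, not part of the original messages and not glibc's code: it audits passwd(5)-format lines and rejects uid/gid fields that do not fit in 32 bits, which catches entries like the one in the report before any lookup resolves them. The function names and the sample lines are constructed for illustration; wrapped_id() only demonstrates the modulo-2^32 arithmetic behind the reported result.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustration only: a 64-bit parse truncated to 32 bits wraps modulo 2^32. */
uint32_t wrapped_id(const char *s)
{
    return (uint32_t)strtoull(s, NULL, 10);
}

/* Strict parse of one numeric field: digits only, value must fit in 32 bits. */
static int parse_id_strict(const char *s, size_t len, uint32_t *out)
{
    char buf[32], *end;
    unsigned long long v;

    if (len == 0 || len >= sizeof buf)
        return -1;
    memcpy(buf, s, len);
    buf[len] = '\0';
    if (buf[0] < '0' || buf[0] > '9')      /* reject sign and whitespace */
        return -1;
    errno = 0;
    v = strtoull(buf, &end, 10);
    if (errno == ERANGE || *end != '\0' || v > UINT32_MAX)
        return -1;
    *out = (uint32_t)v;
    return 0;
}

/* Returns 0 if fields 3 (uid) and 4 (gid) are valid 32-bit ids, else -1. */
int check_passwd_line(const char *line)
{
    const char *p = line;
    uint32_t id;

    for (int field = 1; field <= 4; field++) {
        size_t len = strcspn(p, ":\n");
        if (field >= 3 && parse_id_strict(p, len, &id) != 0)
            return -1;
        if (p[len] != ':')                 /* line ends before field 5 */
            return -1;
        p += len + 1;
    }
    return 0;
}
```

Run check_passwd_line() over every line of a passwd-format source (a file, or rows exported from an NSS backend such as a database) and treat any -1 as an entry to fix before it is served.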