Re: UIDS < 0?

Pug (
Sun, 23 Oct 1994 09:26:04 -0600 (CDT)

> At LISA VIII, someone in the Automounter BOF brought up the fact (I
> don't recall why) that under AIX, if your 'nobody' userid was greater
> than 65-thousand-something, it would wrap (due to the limitation of a
> longint uid field and 32-bit userids).  This didn't seem like a big deal,
> except that they also said that by having negative userids, there were
> big security holes opened up.  Anyone know what these are?  I've been
> playing with a nobody with a uid of 70000, and haven't found anything...

As I remember the AIX NFS bug (as well as some other vendors I
believe), if you have a UID that has the lower 32-bit field set to 0,
you had a problem. This means that despite what your account started
at, it equated it as root.


Richard Bainter          Mundanely     |    System Analyst        - OMG/CSD
Pug                      Generally     |    Applied Research Labs - U.Texas
Note: The views may not reflect my employer's, or even my own for that matter.
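
An added example, not part of the original message: a small audit that flags passwd-style entries whose uid would change when stored in a narrower field, including the case where the truncated value becomes 0. The 16-bit field width is an assumption taken from the "65-thousand-something" wrap in the quoted question, and the function names and sample entries are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: the consumer stores the uid in a 16-bit field. */
static uint16_t truncate_uid(long uid) { return (uint16_t)uid; }

enum uid_risk { UID_OK, UID_WRAPS, UID_ALIASES_ROOT };

/* Classify a uid by how a 16-bit consumer would see it. */
static enum uid_risk classify_uid(long uid)
{
    if (uid >= 0 && uid <= 0xFFFF)
        return UID_OK;
    return truncate_uid(uid) == 0 ? UID_ALIASES_ROOT : UID_WRAPS;
}

/* Read the uid (third field) of a passwd-style line; 0 on success. */
static int passwd_uid(const char *line, long *uid)
{
    const char *p = strchr(line, ':');
    char *end;
    if (!p || !(p = strchr(p + 1, ':')))
        return -1;
    *uid = strtol(p + 1, &end, 10);
    return (end == p + 1 || *end != ':') ? -1 : 0;
}

int main(void)
{
    /* Constructed sample entries, not taken from a real system. */
    const char *sample[] = {
        "root:*:0:0::/:/bin/sh",
        "nobody:*:70000:70000::/:/bin/false",
        "svc:*:65536:100::/:/bin/false",
        "nobody2:*:-2:-2::/:/bin/false",
    };
    const char *label[] = { "ok", "wraps", "ALIASES ROOT" };
    for (size_t i = 0; i < sizeof sample / sizeof *sample; i++) {
        long uid;
        if (passwd_uid(sample[i], &uid) != 0)
            continue;
        int n = (int)(strchr(sample[i], ':') - sample[i]);
        printf("%-8.*s uid=%-6ld seen as %5u: %s\n", n, sample[i], uid,
               (unsigned)truncate_uid(uid), label[classify_uid(uid)]);
    }
    return 0;
}
```

Under this assumption a uid of 70000 is seen as 4464, so it does not collide with root, while any uid that is a nonzero multiple of 65536 does.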