Re: High UID support for Linux

H. Peter Anvin (
4 Dec 1998 05:15:31 GMT

Followup to: <>
By author: (Tor Arntsen)
In newsgroup:
> (H. Peter Anvin) writes:
> >Then your customer's program is buggy, unless it intends to refer to
> >the HOME and USER of the *user who started the setuid program*.
> Sure, if by "buggy" you mean that my customer's program fail to
> set up the full environment for the programs it is starting (and I want
> my UID's home, not that of the user who started the setuid program).
> However, this is a typical real life problem -- there's no way I could
> get the customer to fix the program (the customer has to go to his
> customer and get money to pay somebody else etc. etc.), he would just
> say "I'm starting you with the right UID, what more do you want? Go away!"
> Simple things like that cost more than a new SGI O2 to fix when you add
> up the hours (and documentation and faxes) of all involved.
> So I just have to forget about HOME etc. and use the system calls instead.
> The only way to work in a multi-vendor setup is to never depend on anybody
> but myself.
> That's (real) life :-)

Perhaps, but it doesn't change the fact the program is buggy.

Anyway, the bottom line of this is that existing libraries will
continue to work in existing configurations. Existing libraries will
*not* work with high uids. Existing binaries compiled against libc 6
will work with high uids with an updated version of the library in the
system; older libc versions cannot be similarly retrofitted and hence
existing libc 1-5 binaries will not (cannot) support high uids.


    PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD  1E DF FE 69 EE 35 BD 74
    See for web page and full PGP public key
        I am Bahá'í -- ask me about it or see
   "To love another person is to see the face of God." -- Les Misérables

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to Please read the FAQ at