Re: High UID support for Linux
H. Peter Anvin (hpa@transmeta.com)
4 Dec 1998 05:15:31 GMT
Followup to: <199812031751.SAA07776@pallas.spacetec.no>
By author: tor@spacetec.no (Tor Arntsen)
In newsgroup: linux.dev.kernel
>
> hpa@transmeta.com (H. Peter Anvin) writes:
> >Then your customer's program is buggy, unless it intends to refer to
> >the HOME and USER of the *user who started the setuid program*.
>
> Sure, if by "buggy" you mean that my customer's program fail to
> set up the full environment for the programs it is starting (and I want
> my UID's home, not that of the user who started the setuid program).
> However, this is a typical real life problem -- there's no way I could
> get the customer to fix the program (the customer has to go to his
> customer and get money to pay somebody else etc. etc.), he would just
> say "I'm starting you with the right UID, what more do you want? Go away!"
> Simple things like that cost more than a new SGI O2 to fix when you add
> up the hours (and documentation and faxes) of all involved.
> So I just have to forget about HOME etc. and use the system calls instead.
> The only way to work in a multi-vendor setup is to never depend on anybody
> but myself.
> That's (real) life :-)
>
Perhaps, but it doesn't change the fact the program is buggy.
Anyway, the bottom line of this is that existing libraries will
continue to work in existing configurations. Existing libraries will
*not* work with high uids. Existing binaries compiled against libc 6
will work with high uids with an updated version of the library in the
system; older libc versions cannot be similarly retrofitted and hence
existing libc 1-5 binaries will not (cannot) support high uids.
-hpa
--
PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD 1E DF FE 69 EE 35 BD 74
See http://www.zytor.com/~hpa/ for web page and full PGP public key
I am Bahá'í -- ask me about it or see http://www.bahai.org/
"To love another person is to see the face of God." -- Les Misérables
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/