Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 3643 - ncsd changes semantics of multiple users with same uid
Summary: ncsd changes semantics of multiple users with same uid
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: yp-tools
Version: 6.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-06-22 19:51 UTC by Jay Berkenbilt
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-07-02 22:35:11 UTC


Attachments (Terms of Use)

Description Jay Berkenbilt 1999-06-22 19:51:18 UTC
(Note: nscd is not available as a component when entering a
bug, so, since component is mandatory, I've chosen yp-tools
even though this doesn't have anything to do with that.)

When multiple users with the same uid appear in the passwd
file, mapping from uid to username always matches the first
entry.  This allows one to create multiple logins for the
same uid -- a very useful feature, and one that has existed
in UNIX environments for as long as I can recall.

When using nscd, the semantics change -- the uid to username
mapping resolves to whichever user was last accessed.

For example, create a user called "dump" in the passwd file
with uid 0.  Make sure dump comes after root.  Do ps aux.
Most processes are owned by root.  Now do su dump -fc
whoami.  Now do ps aux again.  Most processes are owned by
dump.  whoami returns dump.  If you stop nscd, this problem
goes away.

This can be a serious problem.  A lot of programs don't work
right if uid 0 doesn't map to root, but some software or
configurations may require a particular username to be
configured for a particular service.  Other similar problems
can occur with, for example, multiple logins to the same
guest ftp account.

Even though I think this is a fairly serious problem, I've
suggested "normal" for both priority and severity since the
workaround of not running nscd is simple and effective...

Comment 1 Cristian Gafton 1999-07-02 22:35:59 UTC
"Don't do that then". Having duplicate UIDs, you're on your own.
Especially for root.


Note You need to log in before you can comment on or make changes to this bug.