[78] in bugtraq
UIDS < 0?
daemon@ATHENA.MIT.EDU (Rich Holland)
Sun Oct 23 01:46:20 1994
From: Rich Holland <holland@engg.ksu.edu>
To: bugtraq@fc.net
Date: Sat, 22 Oct 1994 22:50:26 -0500 (CDT)
At LISA VIII, someone in the Automounter BOF brought up the fact (I
don't recall why) that under AIX, if your 'nobody' userid was greater
than 65-thousand-something, it would wrap (due to the limitation of a
longint uid field and 32-bit userids). This didn't seem like a big deal,
except that they also said that by having negative userids, there were
big security holes opened up. Anyone know what these are? I've been
playing with a nobody with a uid of 70000, and haven't found anything...
--
Rich Holland UNIX System Administrator
holland@engg.ksu.edu College of Engineering
http://www.engg.ksu.edu/~holland/ Kansas State University
char*p="char*p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
