Charlie Li on 6 Dec 2018 16:49:47 -0800

Re: [PLUG] Yet another fresh linux exploit


On 06/12/2018 16:04, Fred Stluka wrote:
> Is this a practical problem?  That is, do many (any?) Linux systems
> have UIDs greater than 2,147,483,646?  Do they use negative
> numbers?
> 
> By default my Linux boxes typically have UIDs 0 to 499 for special
> users, and 500 on up for regular users.  But they count up from 500
> by ones, so it would take a LONG time to get to UID 2,147,483,647.
> I don't expect to ever admin a system that has over 2 BILLION past or
> present users.
> 
Not relevant to the question. You can start regular UID counting
anywhere you want really. We are in the open source world; we are better
than this.

Let's not even mention unspeakable actors that may have been exploiting
this for some time without telling anyone.
> I agree it's a bug and should be fixed.  But is there any real urgency
> for this one?  For example, is there some package I'm likely to add to
> my system that creates UID that are huge or negative?
> 
You may end up "needing" to run a daemon that solves a problem or does
something you need. Many times daemons run as their own UID and GID;
sometimes they're even codified. Unbeknownst to you, there's some
runtime checking that specifically checks for a specific UID or GID. If
that program asks for a UID or GID greater than 32 bits, and you had no
idea about this kind of underlying system flaw, well?

-- 
Charlie "the speed of light is a physical constant" Li

(This email address is for mailing list use only; replace local-part
with vishwin for off-list communication)
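As an added illustration of the check an administrator might want after reading this thread (example code written for this archive page, not from the list or from any project), the script below shows what a signed 32-bit integer sees when handed a UID above 2,147,483,647, and audits passwd(5)-style entries for UIDs and GIDs that would be misread that way. The sample lines are constructed, and the only assumption is the flaw the thread discusses: some component treats a uid_t/gid_t (unsigned 32-bit on Linux) as a signed 32-bit int.

```python
"""Audit passwd-style entries for UIDs and GIDs that do not fit in a
signed 32-bit int.

Added example for this thread; not code from the list or from any project.
It assumes only that a component somewhere treats a uid_t/gid_t (unsigned
32-bit on Linux) as a signed 32-bit integer, which is the kind of
"underlying system flaw" discussed in the message above.
"""

INT32_MAX = 2**31 - 1    # 2,147,483,647, the last UID a signed int can hold
UINT32_MAX = 2**32 - 1   # 4,294,967,295, the largest value a uid_t can hold


def as_signed32(value: int) -> int:
    """Return what a signed 32-bit int sees when handed an unsigned 32-bit ID.

    Anything above INT32_MAX wraps to a negative number, so a UID such as
    4,000,000,000 turns into -294,967,296 for code doing sign-sensitive
    comparisons.
    """
    if not 0 <= value <= UINT32_MAX:
        raise ValueError(f"{value} is not a valid 32-bit ID")
    return value - 2**32 if value > INT32_MAX else value


def audit_passwd(passwd_text: str) -> list[dict]:
    """Parse passwd(5)-style lines and return the accounts whose UID or GID
    would be misread by signed 32-bit code.

    Each finding records the line, account name, field, raw value and, where
    it applies, the value a signed int would see.  Malformed lines are
    reported as findings rather than aborting the audit.
    """
    findings = []
    for lineno, line in enumerate(passwd_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 4:
            continue  # not a passwd entry we understand
        name, uid_s, gid_s = fields[0], fields[2], fields[3]
        for field, raw in (("uid", uid_s), ("gid", gid_s)):
            try:
                num = int(raw, 10)
            except ValueError:
                findings.append({"line": lineno, "name": name, "field": field,
                                 "value": raw, "problem": "non-numeric"})
                continue
            if num < 0 or num > UINT32_MAX:
                findings.append({"line": lineno, "name": name, "field": field,
                                 "value": num, "problem": "out of uid_t range"})
            elif num > INT32_MAX:
                findings.append({"line": lineno, "name": name, "field": field,
                                 "value": num, "problem": "exceeds INT32_MAX",
                                 "seen_as_signed32": as_signed32(num)})
    return findings


# Constructed sample, not a real /etc/passwd.  "bigdaemon" stands in for the
# kind of service account the message above warns about.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
fred:x:500:500:Fred:/home/fred:/bin/bash
bigdaemon:x:4000000000:4000000000:constructed daemon:/var/lib/bigdaemon:/usr/sbin/nologin
edgecase:x:2147483647:100:largest signed:/nonexistent:/usr/sbin/nologin
broken:x:notanumber:100:bad uid:/nonexistent:/usr/sbin/nologin
"""

if __name__ == "__main__":
    # To audit a live system, read /etc/passwd instead of SAMPLE_PASSWD.
    for f in audit_passwd(SAMPLE_PASSWD):
        print(f)
```

Run as-is it reports the two oversized IDs of the constructed `bigdaemon` account (each seen as -294967296 by signed code) and the non-numeric UID of `broken`; the `edgecase` entry at exactly 2,147,483,647 is the largest value that passes. Pointing it at a real `/etc/passwd` (and `/etc/group`, whose GID sits in the third field) is a quick way to confirm whether any installed package has actually allocated such an ID.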


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug