Bug 3643 - ncsd changes semantics of multiple users with same uid
Summary: ncsd changes semantics of multiple users with same uid
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: yp-tools
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-06-22 19:51 UTC by Jay Berkenbilt
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-07-02 22:35:11 UTC

Attachments (Terms of Use)

Description Jay Berkenbilt 1999-06-22 19:51:18 UTC
(Note: nscd is not available as a component when entering a
bug, so, since component is mandatory, I've chosen yp-tools
even though this doesn't have anything to do with that.)

When multiple users with the same uid appear in the passwd
file, mapping from uid to username always matches the first
entry.  This allows one to create multiple logins for the
same uid -- a very useful feature, and one that has existed
in UNIX environments for as long as I can recall.

When using nscd, the semantics change -- the uid to username
mapping resolves to whichever user was last accessed.

For example, create a user called "dump" in the passwd file
with uid 0.  Make sure dump comes after root.  Do ps aux.
Most processes are owned by root.  Now do su dump -fc
whoami.  Now do ps aux again.  Most processes are owned by
dump.  whoami returns dump.  If you stop nscd, this problem
goes away.

This can be a serious problem.  A lot of programs don't work
right if uid 0 doesn't map to root, but some software or
configurations may require a particular username to be
configured for a particular service.  Other similar problems
can occur with, for example, multiple logins to the same
guest ftp account.

Even though I think this is a fairly serious problem, I've
suggested "normal" for both priority and severity since the
workaround of not running nscd is simple and effective...

Comment 1 Cristian Gafton 1999-07-02 22:35:59 UTC
"Don't do that then". Having duplicate UIDs, you're on your own.
Especially for root.

Note You need to log in before you can comment on or make changes to this bug.