Bug 92033 - passwd doesn't handle multiple usernames w/ same uid
passwd doesn't handle multiple usernames w/ same uid
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: passwd (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Mike McLean
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-06-01 02:39 EDT by Kent Crispin
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-08 07:46:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kent Crispin 2003-06-01 02:39:57 EDT
Description of problem:
  two or more usernames w/ same uid (eg u1:1001 and u2:1001).  log in as u2;
run passwd; passwd will say "Changing password for user u1", and will change
u1's password, if u1 is first in /etc/passwd.

Version-Release number of selected component (if applicable):
  applies to all versions since 5.2, I believe

How reproducible:
  100%

Steps to Reproduce:
1. (as root) useradd u1; useradd u2
2. edit /etc/passwd file to change uid for u2 to be same as uid for u1
3. chown -R u1 /home/u2
4. su - u2
5. passwd
    
Actual results:
  "Changing password for user u1"

Expected results:
  "Changing password for user u2"

Additional info:
  The behavior of passwd changed after 5.2, apparently in an attempt to avoid
the insecurity of the getlogin function.  However, the insecurity of getlogin
is not, I believe, really an issue, since the getuid check still applies.
Comment 1 Kent Crispin 2003-06-01 03:11:32 EDT
This is a difficult problem to fix securely, and it may be impossible to do a
job that that is both complete and secure.  I have a patch that I believe does
OK (it meets my needs, at least), and I have been using it for some time now.
It would be much better, of course, if the functionality was supported.

Comment 2 Jindrich Novy 2005-01-28 06:52:21 EST
Kent, could you send the patch here?
Comment 3 Tomas Mraz 2005-03-25 08:26:06 EST
Having two users with the same uid isn't supported well by many system utilities
so I don't think passwd is too different from the rest of the system.

Note You need to log in before you can comment on or make changes to this bug.