Yet another finger hole
trinkle at purdue.edu
trinkle at purdue.edu
Sun Dec 4 08:22:28 AEST 1988
The only inconvenience of changing fingerd to run as "nobody", is that
nobody has a uid (type uid_t == unsigned int) of -2. In SunOS 4.0, Sun is
very careful (ha ha) to handle all uids as type uid_t. This makes
/usr/etc/sa complain about preposterous user ids of 65534 every time sa is
run. It is too bad Sun has hardcoded a totally bogus user id into the
kernel (and it has been perpetuated by other vendors that support NFS out
of necessity), or it would be simple enough to change nobody to a
reasonable uid.
This unnecessary annoyance is still a small price to pay for the added
security of running fingerd as nobody.
Daniel Trinkle trinkle at cs.purdue.edu ARPA
Department of Computer Sciences trinkle%purdue.edu at relay.cs.net CSNET
Purdue University {ucbvax,decvax}!purdue!trinkle UUCP
West Lafayette, IN 47907 (317) 494-7844 PHONE
More information about the Comp.sys.sun
mailing list