On Tuesday 03 November 2009 11:16, Jack Woehr wrote:
>Edmund R. MacKenty wrote:
>> . I don't think the UID/GID can be re-used, as
>> your vendor controls their assignments for system accounts and useradd(8)
>> will not assign UID/GID values below 500
>
>That number-below-which is controlled by the contents of /etc/login.defs
>I believe, which is an editable text file, not a hard limit.
Correct. But in order for the scenario you described to occur, one of the
following must happen:
1) A superuser edits /etc/login.defs and sets SYSTEM_USER_MIN to zero or some
other very low value, or
2) A superuser runs "useradd -r -u 40 cracker" and gives that account to a
plain user.
Either scenario requires an irresponsible superuser. Marcy does not fall into
that category.
- MacK.
-----
Edmund R. MacKenty
Software Architect
Rocket Software
275 Grove Street · Newton, MA 02466-2272 · USA
Tel: +1.617.614.4321
Email: [email protected]
Web: www.rocketsoftware.com
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390