On Tue, 2007-08-28 at 08:36 -0400, Robert Locke wrote:
> /etc/passwd has always been "universally" readable. As a quick
> example, note your use of "ll" which is really "ls -l" and the fact
> that the third and fourth columns are displaying "names" of the user
> and group associated with that file. The reality is that the "names"
> are not stored on disk, but rather their numeric representation: uid
> and gid. In order for the ls command to display a name, it needs to
> "look up" the user's name associated with the uid it got from the
> filesystem. Where is this "mapping" of uid and username kept?
> Yep, /etc/passwd.

Though, I would have thought that the safest way to do that would not be
for applications to directly read the file, but to query the system, and
the system read that file. Much the same as how name look-ups are done.
You ask the resolver, which looks at a hosts file or uses a DNS server.
You don't have each application doing that role.

I don't know how Linux does it, but in other systems, it is possible for
an application to open some file exclusively, and until it's done with it,
nothing else can even read it. The potential for an application to do
such a dastardly thing with an important file would be a reason to not
directly use the files, as a matter of policy.

-- 
[tim@bigblack ~]$ uname -ipr
2.6.22.1-41.fc7 i686 i386

Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7.

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.