Tim wrote:
On Tue, 2007-08-28 at 08:36 -0400, Robert Locke wrote:
/etc/passwd has always been "universally" readable. As a quick
example, note your use of "ll" which is really "ls -l" and the fact
that the third and fourth columns are displaying "names" of the user
and group associated with that file. The reality is that the "names"
are not stored on disk, but rather their numeric representation: uid
and gid. In order for the ls command to display a name, it needs to
"look up" the user's name associated with the uid it got from the
filesystem. Where is this "mapping" of uid and username kept?
Yep, /etc/passed.
Though, I would have thought that the safest way to do that, would not
be for applications to directly read the file, but to query the system,
and the system read that file.
Unix was designed to be a simple system.
Much the same as how name look-ups are done. You ask the resolver,
which looks at a hosts file or uses a DNS server. You don't have each
application doing that role.
But the resolver is a library which is in fact part of each application
and in the case of the hosts file the application does read it.
--
Les Mikesell
lesmikesell@xxxxxxxxx