Re: AppArmor for Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tim wrote:
On Tue, 2007-08-28 at 08:36 -0400, Robert Locke wrote:
/etc/passwd has always been "universally" readable.  As a quick
example, note your use of "ll" which is really "ls -l" and the fact
that the third and fourth columns are displaying "names" of the user
and group associated with that file.  The reality is that the "names"
are not stored on disk, but rather their numeric representation: uid
and gid. In order for the ls command to display a name, it needs to
"look up" the user's name associated with the uid it got from the
filesystem.  Where is this "mapping" of uid and username kept?
Yep, /etc/passed.

Though, I would have thought that the safest way to do that, would not
be for applications to directly read the file, but to query the system,
and the system read that file.

Unix was designed to be a simple system.

Much the same as how name look-ups are done.  You ask the resolver,
which looks at a hosts file or uses a DNS server.  You don't have each
application doing that role.

But the resolver is a library which is in fact part of each application and in the case of the hosts file the application does read it.

--
  Les Mikesell
    lesmikesell@xxxxxxxxx


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux