Subject: Re: UID_MAX?
To: None <current-users@netbsd.org>
From: Greg A. Woods <woods@most.weird.com>
List: current-users
Date: 01/07/1999 12:40:45
Oh, my favourite NFS topic!!!!  ;-)

[ On Wed, January 6, 1999 at 23:42:00 (-0800), Paul Wain wrote: ]
> Subject: Re: alarm(4G)?
>
> This one makes some sense when you think about it in terms of say NFS et al...
> 
> uid=-1, gid=-1 => nobody/unknown on NFS/PCNFS
> uid=-2, gid=-2 => bad root access over NFS/PCNFS - see exports(5)

The default "nobody" UID/GID has always been "-2/-2" on SunOS (before
5.0) and BSD implementations.  Only on AT&T System V has "nobody" been
anything else.

The very definition of "nobody" is "user credentials used for access
over NFS by a remote superuser".

I think you've confused "nobody" with "noaccess".  On SysVr4 it's
possible to prevent anonymous, or unknown, remote users from getting
access to the system, or to map them to the "noaccess" user, which is by
default UID 60002 ("nobody" is UID 60001, GID 60001).  I don't see any
equivalent to this concept in NetBSD's NFS, though I may be missing
it....  (Certainly nothing's documented in exports(5) about unknown or
anonymous NFS users and mountd.c does not seem to mention the concept....)

(Speaking of which, I see somone copy editor at Sun now describes
UID_NOBODY as "user ID no body" (sic) - yes, two words!!!!! ;-)

> Thus, the max valid value for uid/gid is (signed int) -3, or 2^31-2 (-1 is 2^32,
> -2 is 2^31-1) assuming that uid and gid are 32 bit ints (try teaching that to
> e.g. a SunOS 4.x machine that just mounted you - it uses 16 bit ints but thats
> another matter entirely :)

Yet another reason why mountd(8) should never hard-code "-2" as the
default "nobody" user....

> Geoff Wing wrote:
> 
> > 4) Another interesting thing: <sys/syslimits.h>
> > #define GID_MAX            2147483647U  /* max value for a gid_t (2^31-2) */
> > #define UID_MAX            2147483647U  /* max value for a uid_t (2^31-2) */
> >                                                                       ^^
> >                                                                       yeah?

I still don't see the logic here.  uid_t and gid_t are both u_int32_t on
all NetBSD systems and although there's not much chance anyone will
build a system that really needs more than 2^32 users, I don't see any
reason to restrict UID_MAX and GID_MAX to anything less than (2^32-1).

As for the "-2", well, that would be just silly (if it were true),
especially given the use the system itself makes of UID_MAX and GID_MAX,
particularly in user-land (I can't find any use in the kernel,
actually).

Indeed if mountd(8) is left defaulting "nobody" to -2:-2 then it *must*
be possible to make the "nobody" user match, and with pwd_mkdb(8) using
UID_MAX and GID_MAX as a "sanity" check, this is currently impossible.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>