Subject: Defining a maximum value for uid's.
To: None <tech-userlevel@NetBSD.ORG>
From: Luke Mewburn <email@example.com>
Date: 05/19/1997 12:56:46
I've been fixing parts of the tree that do uid and gid parsing so that
incorrect values don't default to `0' (see discussion on tech-security)
for more info.
To do this, I've been converting the use of atoi() to strtoul(), and
checking appropriate values to ensure that the parsed field was just a
However, on the alpha, the return value of strtoul() is a unsigned 64
bit long, which may exceed the size of uid_t (unsigned 32 bit int).
So, I would like to create the following defines in <limits.h> or
<machine/limits.h>, and check against them in the relevant areas:
#define UID_MAX 4294967294 /* 2^32 - 2 */
#define GID_MAX 4294967294
It's 2^32-2 because setreuid treats -1 as a special value.
I had thought about using 2147483647 (2^31-1), because of setreuid()
That halves the size of the uid space, however.