Security Identifier (SID) to User Identifier (uid) ResolutionSystem
vorlon at netexpress.net
Thu Dec 30 22:11:55 GMT 1999
On Thu, 30 Dec 1999, Leslie M. Barstow III wrote:
> > Not a difficult question to answer, though--you say *the* getpwnam()
Hmm. s/a difficult/an easy/
> > implementation, when in fact each Unix has its own implementation. Some
> > Unices have 8-char limits, and in fact attempting to use longer names can
> > cause bugs/crashes/exploits.
> If Solaris or IRIX are among them, a cross-platform winbind will be
> difficult at best. At least we can start with Linux.
I don't know for certain, but I believe >8-char names can be used with Solaris
-- or at least things won't break if you try to use them. I have no idea
> > Linux does not have such a limit, although software running under Linux can
> > make poor assumptions about the length of usernames they're given. When
> > looking at files with the 'ls -l' command, the name *displayed* will be
> > limited to 8 characters, but this is simply because that's all the name that
> > will fit into the 8-character field in the output.
> Eww. Just thinking about this gives me the screaming heebie-jeebies.
> 20,000 utilities probably assume that, including (but not limited to) tar,
> RCS/SCCS - ick. Projects for the next millenium.
Hopefully, a lot of these problems could be cleared up in the year we have
left before the turn of the millenium. :) FWIW, the only reason 'ls' doesn't
handle long names properly is because there has to be *some* arbitrary field
length chosen if the output is going to be clean, and 8 bytes was chosen no
doubt because it's a traditional hard limit in Unix.
I just checked GNU tar, and it handles long names cleanly. Indeed, the only
issues I've *ever* found with using long usernames on a GNU system are
cosmetic ones. It's generally not *recommended* that one use usernames longer
than 8 letters, on the grounds that "you can never be too careful". But if
there's an overwhelming need to use long usernames on a system, then
everything will fall into place quickly enough.
More information about the samba-technical