Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Steve Langasek vorlon at
Thu Dec 30 22:11:55 GMT 1999

On Thu, 30 Dec 1999, Leslie M. Barstow III wrote:

> > Not a difficult question to answer, though--you say *the* getpwnam()
Hmm. s/a difficult/an easy/
> > implementation, when in fact each Unix has its own implementation.  Some
> > Unices have 8-char limits, and in fact attempting to use longer names can
> > cause bugs/crashes/exploits.

> If Solaris or IRIX are among them, a cross-platform winbind will be
> difficult at best.  At least we can start with Linux.

I don't know for certain, but I believe >8-char names can be used with Solaris
-- or at least things won't break if you try to use them.  I have no idea
about Irix.

> > Linux does not have such a limit, although software running under Linux can
> > make poor assumptions about the length of usernames they're given.  When
> > looking at files with the 'ls -l' command, the name *displayed* will be
> > limited to 8 characters, but this is simply because that's all the name that
> > will fit into the 8-character field in the output.

> Eww.  Just thinking about this gives me the screaming heebie-jeebies.
> 20,000 utilities probably assume that, including (but not limited to) tar,
> RCS/SCCS - ick.  Projects for the next millenium.

Hopefully, a lot of these problems could be cleared up in the year we have
left before the turn of the millenium. :)  FWIW, the only reason 'ls' doesn't
handle long names properly is because there has to be *some* arbitrary field
length chosen if the output is going to be clean, and 8 bytes was chosen no
doubt because it's a traditional hard limit in Unix.

I just checked GNU tar, and it handles long names cleanly.  Indeed, the only
issues I've *ever* found with using long usernames on a GNU system are
cosmetic ones.  It's generally not *recommended* that one use usernames longer
than 8 letters, on the grounds that "you can never be too careful".  But if
there's an overwhelming need to use long usernames on a system, then
everything will fall into place quickly enough.

-Steve Langasek
postmodern programmer

More information about the samba-technical mailing list