Re: LOGNAME, USER, and get-uid; NIS Lassi Kortela 12 Aug 2019 18:33 UTC
> There are actually two environment variables specifying the name of the > user: LOGNAME is supposed to be the name of the real uid, USER is > supposed to be the name of the effective uid. I always wondered what the distinction is :) One wonders how reliably programs uphold that distinction. > These variables are both subject to forgery, but if we provided both the > geteuid and getruid system calls we could discriminate reliably: > sometimes you want one, sometimes the other. This is especially true > when one of them is root. Definitely provide both of those syscalls. Do we need the envars for anything? To get the effective username, call getpwuid(geteuid()). To get the real username, call getpwuid(getuid()). The effective user is especially security-sensitive, since that's what's used to check file permissions and whether or not the user can execute root-only syscalls. > Scsh calls the syscalls get-uid and get-effective-uid, but I think we > should make it get-real-uid instead of get-uid for clarity's sake. > > The same applies to gids, of course. Strongly agreed. > NIS is just a distributed version of /etc/passwd, as DNS is a > distributed version of /etc/hosts. It is tiny and simple compared to X.500. That's cool. I never thought of DNS that way.