Monday, January 17, 2005

An obscure frailty at the base of all unix systems, including OS X

MacInTouch Home Page
[Scott Boone] The 'short name' used by the system is mapped to a (supposed to be) unique user identifier (number). This mapping can be seen using NetInfo Manager. It is an age-old problem whereby these 'unique' identifiers collide, and is a legacy reminder that unix was NOT invented in the Internet era. Combined with the fact that the unique identifiers are used sequentially (typically starting at 500 or 1000) when creating user accounts, such problems are nearly inevitable; the first user you create on each account, even with different names or passwords, will have the same ID.

Also because of the inherent 'trust' given to a mounted volume, passwords are NOT USED AT ALL to protect files on an individual basis. This is, in fact, a common vector for getting to other users' files--you need only to utilize a second system that can mount the target volume and then change your UID to match the target user's to gain access to that user's data. Backup tapes and backup files are historical favorites.

An easy way to see these numerical IDs in action is to perform this command in the Terminal: ls -aln - that will spit out a long directory listing, with the -n switch causing the output to NOT convert the user/group IDs.

This is a bit amazing at first glance. The fundamental UNIX user identifier is an integer that increments with each user added. The text username is a convenience that's mapped to that integer. It's OK that the integer IDs aren't unique (neither are text usernames, but they don't overlap as much as the first 25 integers do!), but it's poor behavior to mislead the universe about the nature of the fundamental user identifier. Of course this wasn't designed; this behavior arose as an accident of the evolution of UNIX. It's an example of how very early decisions persist as environments change. This kind of forgotten vestige of prior evolution is fodder for crackers. There are biological equivalents -- bits of protein that viruses need but may no longer have much value for us.
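An added example, not part of the original post or the quoted MacInTouch note: the Python below takes constructed `ls -ln` output from a volume plus two constructed passwd tables, and reports how each file's numeric owner resolves on the machine that wrote it versus the machine that mounts it. All account names, file names and UIDs are made up for illustration.

```python
# Added illustration with constructed data. Ownership is stored on disk as a
# number, so the "owner name" depends on whose account table resolves it.
PASSWD_ORIGIN = """\
root:*:0:0:System Administrator:/var/root:/bin/sh
alice:*:501:20:Alice:/Users/alice:/bin/bash
bob:*:502:20:Bob:/Users/bob:/bin/bash
"""
PASSWD_MOUNTING = """\
root:*:0:0:System Administrator:/var/root:/bin/sh
carol:*:501:20:Carol:/Users/carol:/bin/bash
"""
# Constructed `ls -ln` lines from the shared volume (owner and group numeric).
LS_LN = """\
total 24
-rw-------  1 501  20  1204 Jan 17 09:12 taxes.xls
-rw-r--r--  1 502  20   311 Jan 17 09:13 notes.txt
-rw-r--r--  1 0    0     98 Jan 17 09:14 hosts
"""

def uid_map(passwd_text):
    """Parse passwd-format text (name:pw:uid:gid:...) into {uid: name}."""
    table = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 3 and fields[2].isdigit():
            table.setdefault(int(fields[2]), fields[0])  # first entry wins
    return table

def parse_ls_ln(text):
    """Yield (uid, filename) for each file line of `ls -ln` output."""
    for line in text.splitlines():
        parts = line.split(None, 8)
        if len(parts) == 9 and parts[2].isdigit():
            yield int(parts[2]), parts[8]

def ownership_report(ls_text, origin_passwd, mounting_passwd):
    """Classify each file by how its numeric owner resolves on each machine."""
    origin, mounting = uid_map(origin_passwd), uid_map(mounting_passwd)
    report = []
    for uid, name in parse_ls_ln(ls_text):
        was, now = origin.get(uid), mounting.get(uid)
        # orphaned: no local account has this UID; collision: a different
        # local account silently becomes the owner on the mounting machine.
        status = "orphaned" if now is None else "same" if was == now else "collision"
        report.append((name, uid, was, now, status))
    return report

if __name__ == "__main__":
    for row in ownership_report(LS_LN, PASSWD_ORIGIN, PASSWD_MOUNTING):
        print("%-10s uid=%-4d origin=%-6s mounting=%-6s %s" % row)
```

Files reported as "collision" are the ones to re-own or protect by other means before a volume or backup is handed to another machine.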
