Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Not safe | 17 comments | Create New Account
Click here to return to the 'Not safe' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Not safe
Authored by: SeanAhern on Sep 01, '03 12:09:28AM

Just assuming that a "normal" user's UID can't be <= 500 isn't a very safe way of doing things. Keeping a list of users in the program is also onerous. Better is to have that list be a UNIX group (see /etc/group on a normal system, the group databse in netinfo). Say, "staff". That way, any program can quickly check the group list to see if a given user should be authorized for a particular purpose. And it's easy to maintain.

Just my two cents.

---
-Sean



[ Reply to This | # ]