From: Stephen Tallowitz
Subject: Re: [Jailkit-users] Some problems with home directories and users with same user id
Date: Sun, 8 Jun 2008 11:59:08 +0200

Hello Olivier and Daniel,

I've been bugged by the thought of the multiple user names for one user id - 
I've never thought about it and have never considered the possibility.

In Linux tools (see any Debian based system, command "useradd") there is an 
option to allow multiple user names per id, but it has to be requested 
specifically. I believe there is a good reason for this. Most systems needing 
sophisticated access levels (some private files, some shared files, and some 
files readable by a daemon only), build their security around *groups* and hand 
out group memberships to users.

I have found an interesting and in-depth article on Unix/Linux system security. 
Especially this page is of interest: 
http://www.lst.de/~okir/blackhats/node23.html
It states that the kernel only knows about user ids and the notion of user 
names is just a convenience for the user. So, if you have a tool like ISPConfig 
creating user names with the same user id you're in effect creating the same 
set of permissions at the kernel level - this sounds very dangerous if you're 
granting shell access to those users.

I've read through the article on setuid programmes 
(http://www.lst.de/~okir/blackhats/node22.html) and it seems absolutely 
possible that a user id is mapped to multiple user names. So if jailkit 
(specifically jk_chrootsh) goes ahead and checks that user names outside and inside 
the jail match (as it does now), this seems to be the best thing that can be 
done, seeing that different usernames can be mapped to the same id. And 
security is paramount in jailkit.

I will follow up this line of thought on the jailkit-dev list, as I will get 
into more technical details.

Cheers,
Stephen
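The two checks discussed in the message above, as an added example that is not jailkit's own code nor part of the original thread: a small Python audit that finds uids shared by several user names in passwd data (the kernel sees only the uid, so such accounts are one identity at permission-check time) and then performs the host-versus-jail name comparison that the message attributes to jk_chrootsh, once in the way a `getpwuid()`-style lookup would see it and once in a stricter form that also refuses ambiguous uids. The passwd contents, the user names, and the function names are constructed for illustration.

```python
"""Audit passwd data for shared uids and check host/jail user-name agreement.

Added example, not jailkit's own code. All sample data below is constructed.
"""
from collections import defaultdict

# Constructed sample: host /etc/passwd where two names share uid 1001
# (the situation the message describes for ISPConfig-created accounts).
HOST_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/usr/sbin/jk_chrootsh
web1:x:1001:1001:Web site 1:/home/web1:/usr/sbin/jk_chrootsh
web2:x:1001:1001:Web site 2:/home/web2:/usr/sbin/jk_chrootsh
"""

# Constructed sample: the passwd file copied into the jail (e.g. /jail/etc/passwd).
JAIL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
web2:x:1001:1001:Web site 2:/home/web2:/bin/bash
"""


def parse_passwd(text):
    """Return a list of (name, uid) tuples from passwd-format text, in file order."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 7:
            raise ValueError("malformed passwd line: %r" % line)
        entries.append((fields[0], int(fields[2])))
    return entries


def shared_uids(entries):
    """Map every uid that is claimed by more than one name to its sorted names."""
    by_uid = defaultdict(list)
    for name, uid in entries:
        by_uid[uid].append(name)
    return {uid: sorted(names) for uid, names in by_uid.items() if len(names) > 1}


def first_name_for_uid(entries, uid):
    """Mimic a getpwuid()-style lookup: the first passwd entry wins, later ones are
    invisible, which is why a shared uid makes the result depend on file order."""
    for name, entry_uid in entries:
        if entry_uid == uid:
            return name
    return None


def all_names_for_uid(entries, uid):
    return sorted(name for name, entry_uid in entries if entry_uid == uid)


def getpwuid_style_check(host_entries, jail_entries, uid):
    """Hypothetical model of the name comparison the message attributes to
    jk_chrootsh: look the uid up outside and inside the jail, require equality."""
    outside = first_name_for_uid(host_entries, uid)
    inside = first_name_for_uid(jail_entries, uid)
    return outside is not None and outside == inside


def strict_jail_name_check(host_entries, jail_entries, username):
    """Stricter variant (hypothetical): the login name must map to exactly one
    uid on the host, and that uid must map back to exactly that one name both
    on the host and inside the jail. Any ambiguity is treated as a failure."""
    host_uids = [uid for name, uid in host_entries if name == username]
    if len(host_uids) != 1:
        return False
    uid = host_uids[0]
    return (all_names_for_uid(host_entries, uid) == [username]
            and all_names_for_uid(jail_entries, uid) == [username])


if __name__ == "__main__":
    host = parse_passwd(HOST_PASSWD)
    jail = parse_passwd(JAIL_PASSWD)
    for uid, names in sorted(shared_uids(host).items()):
        print("uid %d is shared by %s" % (uid, ", ".join(names)))
    for user in ("alice", "web1", "web2"):
        uid = next(u for n, u in host if n == user)
        print("%-6s getpwuid-style match: %-5s strict check: %s" % (
            user, getpwuid_style_check(host, jail, uid),
            strict_jail_name_check(host, jail, user)))
```

With the sample data, `alice` passes both checks, while neither `web1` nor `web2` passes: the host resolves uid 1001 to `web1` (first entry) but the jail resolves it to `web2`, so the name comparison fails, and the strict check fails regardless of order because the uid is ambiguous on the host. Running `shared_uids` against a real `/etc/passwd` is the quickest way to find out whether a system is in the state the message warns about.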