mirror of
https://github.com/kanidm/kanidm.git
synced 2025-02-23 12:37:00 +01:00
eba8dff23a
Our unix resolver would attempt the right thing to synthesise user private groups on linux as these are an important security boundary. However, it turns out that almost every distro has botched their default system user accounts, and many are installed with numeric-only UPGs that don't resolve. In the case that later the user does attempt to fix that, because we synthesised as UPG for the system account, the user trying to add the UPG would now fail. In some cases this could cause system updates to be prevented from installing. This change limits UPG synth to user accounts only (uid > 1000) which is the common uid boundary on unix-like platforms. |
||
|---|---|---|
| .. | ||
| debian | ||
| src | ||
| tests | ||
| build.rs | ||
| Cargo.toml | ||