libnss_extrausers:

With the following lines in /etc/nsswitch.conf

passwd:         compat extrausers
group:          compat extrausers
shadow:         compat extrausers

and /lib/libnss_extrausers.so.2 from this package, glibc will
not only look in /etc/{passwd,shadow,group} but also in
/var/lib/extrausers/{passwd,shadow,group}. It will limit itself
to uids and gids of at least 500 - where detectable - to avoid
root or system account access.

Since version 0.2, lines starting with # are ignored.

Security considerations:
	Allways use after compat in nsswitch.conf,
	otherwise it could overwrite the shadow-password for root.
	(shadow has not uids, so this cannot be ruled out)

	If someone is able to place terminals instead of the
	files, that could cause all programs to get a new
	controling terminal, making DoS attacks possible.

