ntsec patch #4: passwd and group
Corinna Vinschen
vinschen@redhat.com
Tue Nov 12 09:18:00 GMT 2002
On Tue, Nov 12, 2002 at 12:02:43PM -0500, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
> >
> > I'm not sure if we're talking about the same static buffer.
>
> Right, we were not. What you propose is fine, with two
> caveats:
> 1) Internal calls (from setuid, stat, etc... ) to getpwuid etc...
> should not overwrite the static area
I Agree. I didn't mention that because it's obvious. All internal
calls to getpwXXX and friends should be substituted by an internal
version.
> 2) The "maximum useful size" can be very large for the group
> entries. They can have a lot of names in the gr_mem field.
If using a global buffer, it can be allocated by the getpwXXX
as needed.
> I have another suggestion that would allow keeping what we do now in the
> non-reentrant case (i.e. avoid doing the copying to the static buffer):
> simply never re-read the passwd file when called internally (from
> setuid, stat, etc..). Only do it on application calls to pw/gr functions.
> I think that's perfectly standard conformant and it won't break anything.
Sounds like a very good idea.
> We still need to do something, either the "copy everything" or the
> "don't reread for internal calls". The advantage of the "don't reread"
> is that it's faster (important for internal loops) and requires
> fewer changes. If you don't object I will look further into it,
> but not urgently.
No objections. I like the idea. Why should Cygwin reread that stuff
internally when even the application doesn't care so far?
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
More information about the Cygwin-developers
mailing list