[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] Garbage collection

From: Ken Hornstein
Subject: Re: [Nmh-workers] Garbage collection
Date: Tue, 01 Jan 2013 18:55:06 -0500

>The "brokenness" is that OpenBSD simply doesn't implement utmpx, because
>it's seen as an unsafe and insecure interface. OpenBSD aren't the only ones
>who feel this way (the musl C library also doesn't support utmpx, for the
>same reasons: http://www.openwall.com/lists/musl/2012/03/04/4).

I'd find the "security" arguments more compelling if OpenBSD didn't
implement utmp, which has (as far I can tell) the same security issues.
And the security issues aren't inherent in the API, you could implement it
another way (see utmpd on Solaris).

>As far as I know the behavior of the utmpx functions are not defined by
>POSIX either.


Obviously some stuff is unspecified, like what you mean by the "user
accounting database".


reply via email to

[Prev in Thread] Current Thread [Next in Thread]