Re: Why can't root check in files?

From: Greg A. Woods
Subject: Re: Why can't root check in files?
Date: Fri, 12 Oct 2001 13:18:39 -0400 (EDT)

[ On Friday, October 12, 2001 at 12:12:27 (-0400), Larry Jones wrote: ]
> Subject: Re: Why can't root check in files?
> If you're using su to get to root, then CVS should be able to figure out
> your real userid and you should be able to commit.  If not, you need to
> figure out why getlogin() doesn't work right on your system.

Getlogin() is not always secure [*], and it's not really portable
despite being defined by IEEE 1003.1.  It should be OK on 4.4BSD.  On
some other systems which track the original login ID there are other
similar calls which are supposedly secure....

[*] From the BUGS section of the 4.4BSD manual page:

     In earlier versions of the system, the value returned
     by getlogin() could not be trusted without checking the user ID.
     Portable programs should probably still make this check.

(and that means if (getpwnam(getlogin())->pw_uid != getuid()) then the
result is untrusted)

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>
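
The uid check from the manual page excerpt above, written out as an added C example (not part of the original message and not CVS code). The names `classify_login` and `checked_login` are hypothetical, and the failure cases the one-line form skips (a NULL from `getlogin()` or `getpwnam()`) are handled explicitly.

```c
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum login_status { LOGIN_OK, LOGIN_NONE, LOGIN_UNKNOWN, LOGIN_MISMATCH };

/* Decision step (hypothetical helper): name is what getlogin() returned,
 * pw is the passwd entry found for that name, real_uid is getuid(). */
enum login_status classify_login(const char *name, const struct passwd *pw,
                                 uid_t real_uid)
{
    if (name == NULL || *name == '\0')
        return LOGIN_NONE;      /* no login name recorded */
    if (pw == NULL)
        return LOGIN_UNKNOWN;   /* name has no passwd entry */
    if (pw->pw_uid != real_uid)
        return LOGIN_MISMATCH;  /* name belongs to another uid: untrusted */
    return LOGIN_OK;
}

/* Leaves the login name in buf only when it passes the check; buf is
 * emptied otherwise so a rejected name cannot be used by accident. */
enum login_status checked_login(char *buf, size_t len)
{
    const char *name = getlogin();  /* NULL e.g. without a controlling tty */
    enum login_status st;

    if (len == 0)
        return LOGIN_NONE;
    /* Copy first: getlogin() may return static storage. */
    int n = snprintf(buf, len, "%s", name ? name : "");
    if (n < 0 || (size_t)n >= len)
        buf[0] = '\0';              /* a truncated name is a different name */
    st = classify_login(buf, buf[0] ? getpwnam(buf) : NULL, getuid());
    if (st != LOGIN_OK)
        buf[0] = '\0';
    return st;
}

int main(void)
{
    static const char *const text[] = { "trusted", "no login name",
                                        "unknown name", "uid mismatch" };
    char name[256];
    enum login_status st = checked_login(name, sizeof name);
    printf("getlogin(): %s %s\n", text[st], name);
    return st == LOGIN_OK ? 0 : 1;
}
```

In a session entered through su, `getuid()` is the target user's uid, so a login name that still belongs to the original user comes back as `LOGIN_MISMATCH`.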
