Re: Issues with last Friday's CVS

[Richard Frith-Macdonald]

On Wednesday, October 8, 2003, at 08:30 AM, Frédéric PRACA wrote:

> Selon Adam Fedor <fedor@doc.com>:
> Hi,
>
> > > base/Tools:
> > >         gdomap:
> > >         * 'when' is still defined as 'long', not 'time_t'
> > >         * It's still jailing the process in /tmp THEN tries to get the
> > >           uid and gid -- which OF COURSE will fail, because there is no
> > >           /etc/passwd to access. You'll end up with a ridiculously high
> > >           user id (sth. like 4mio)
> > >
> > > I've sent a patch for those two weeks ago, so I'm curious about this
> > > one...
> >
> > I think it's a decent patch, but I'd still like comments from other
> > people about it.
> My comment is not probably really useful as I have FreeBSD like Chris 
> but
> without that patch, gdomap is running under an arbitrary uid (just a 
> number in
> fact) and consumes 100% CPU. So, looking for that patch every time I 
> check out
> the whole tree is quite not easy.

I think I missed the original patch, but I've just altered gdomap.c to 
add a few
checks and to reposition the call to getpwnam() before the chroot.

However, the existing code was fail-safe in that in the event of 
getpwnam()
failing, it uses -2 (which with the normal 16-bit uid/gid is set as 
65534 ...
which is conventionally the uid/gid given to the 'nobody' account).
In other words ... the actual uid/gid set should have been the expected
safe one anyway.