Re : Concerns about login

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re : Concerns about login

From:	Marc-Olivier Mercier
Subject:	Re : Concerns about login
Date:	Thu, 06 Mar 2008 22:27:14 -0500
User-agent:	Mozilla-Thunderbird 2.0.0.9 (X11/20080109)

Samuel Thibault wrote:

Marc-Olivier Mercier, le Sun 24 Feb 2008 10:57:24 -0500, a écrit :

There's many patches possible :


4): treat (signed long)(-1) as a special case, allowing value 0 to
(signed long)(-2) to be used normally.

I've checked in SUSv3: uid_t is allowed to be unsigned

You're right. a simple patch like this one makes the paranoid optionwork. I tested it with login and it worked, it also worked with loginpr.I don't know if there is other stuff to change...


--Marc O.

Index: idvec-verify.c
===================================================================
RCS file: /sources/hurd/hurd/libshouldbeinlibc/idvec-verify.c,v
retrieving revision 1.11
diff -u -p -r1.11 idvec-verify.c
--- idvec-verify.c      6 Aug 2003 22:10:28 -0000       1.11
+++ idvec-verify.c      7 Mar 2008 02:36:59 -0000
@@ -258,7 +258,7 @@ verify_id (uid_t id, int is_group, int m
   /* VERIFY_FN should have been defaulted in idvec_verify if necessary.  */
   assert (verify_fn);
 
-  if (id >= 0)
+  if ((signed int)id != -1)
     do
       {
        if (is_group)

[Prev in Thread]

Current Thread

[Next in Thread]

Re : Concerns about login, Marc-Olivier Mercier <=
- Re: Re : Concerns about login, Samuel Thibault, 2008/03/07
  - Re : Concerns about login, Marc-Olivier Mercier, 2008/03/07
    - Re: Re : Concerns about login, Samuel Thibault, 2008/03/07
    - Re: Re : Concerns about login, Marc-Olivier Mercier, 2008/03/08

Prev by Date: [PATCH] Unsafe reception of data
Next by Date: Re: Re : Concerns about login
Previous by thread: [PATCH] Unsafe reception of data
Next by thread: Re: Re : Concerns about login
Index(es):
- Date
- Thread