This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Reorganizing internal_getlogin()

Christopher Faylor wrote:

> Stupid question time: Do we *really* need to set these environment
> variables?  What would break if we just didn't set them?  I can't
> imagine any well-written software relying on these being set correctly.
> How can you rely on something that a user could modify?  

Excellent question. Answer: only to do as Windows, presumably when
calling Windows program. I can't imagine any unix programmer using 
them.

I will look at Chris version tonight, at home...


Corinna Vinschen wrote:

> > One thing that I changed was to not query for a user name if you've
> > already gotten the user name from GetUserName.  I also changed the HOME
> 
> This isn't correct since GetUserName() returns the old username after
> impersonating another user so it returns a value but it's incorrect.
> Therefore we can't rely on that value in NT.  It's just used for 9x
> and it's used in NT to get a string for debug_printf.
> 
Corinna,

Among the stuff that I sent last night, I think that the change to 
syscalls.cc is non controversial.  It avoids calling internal_getlogin
from seteuid (assuming somebody else with set the Windows env). 
Could you have a look at it and possibly apply it?

Similarly the essence of the change to uinfo_init (and drct0.cc) is also 
non-controversial. That is 
1) deciding if a "parent" is non-Cygwin should be done based on 
child_proc_info, either as a global or (more modularly) passed as a 
flag.
2) calling internal_getlogin from uinfo_init is only necessary when 
the "parent" is non-cygwin.

With those changes, internal_getlogin is only called when entering from
outside Cygwin. In that case, GetUserName() will return the correct name, 
except in the case where 
a) a cygwin program impersonates a user
b) the impersonated user eventually calls a non-cygwin program
c) the non-cygwin program eventually calls a cygwin program 
However in that case the passwd file will have sids, the user
will be found from its sid, and the output of GetUserName will
be ignored. So we are OK.

By the way, note that calling GetUserName() in internal_getlogin is 
perfectly useless because cygheap->user.name was ALREADY initialized
in shared.cc:memory_init (from GetUserName() !) 

Another non-controversial change is in spawn.cc where the sid passed
to __sec_user() can be cygheap->user.sid () [simpler/faster than 
getting it from the token], and the test before RevertToSelf can be 
removed (a good compiler would remove it..).
Could you edit the file directly [or apply only that part of my patch]. 
Thanks.

Pierre
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]