ntsec patch #4: passwd and group

Pierre A. Humblet Pierre.Humblet@ieee.org
Mon Nov 11 09:04:00 GMT 2002

Corinna Vinschen wrote:

> > There are still a couple of places where internal_getgrent () is
> > called and they will have to be cleaned up some way.
> That's correct, they are undermining thread safety.  However, they
> are not alwaus used to retrieve the SID.  Some calls are basically
> used to get a uid/gid or the whole passwd/group entry.  OTOH, they
> must not interfere with the internal calls.  We still need "internal"
> calls additionally to your getgrsid/getpwsid calls.

Yes. I simply wanted to say that outside of passwd/grp.cc the only spots to 
watch are those that have internal_getgrent (). If it was simply a matter
of calling the new functions, I would have done it.

> That's not a problem at all.  The non _r calls are not meant to
> be thread safe so they may use static local buffers legally.

We have two distinct issues: 1): Thread safe. 2) Having valid pointers 
after the passwd/grp file is updated, in a single threaded program. 
The static buffers flunk both, they can only flunk 1). 
> You didn't send patches, just a ChangeLog entry.
For #1 and #2 I sent patches as attachment (from Netscape). I just looked
at the web, the patches show up as part of the messages
For #3 there was always a short patch inside the e-mail.


More information about the Cygwin-developers mailing list