ntsec patch #4: passwd and group

Pierre A. Humblet Pierre.Humblet@ieee.org
Mon Nov 11 12:24:00 GMT 2002

Corinna Vinschen wrote:

> But 2 is not an issue.  The appl. called getpwuid once and then the
> static buffer contains data.  That's it. 

At this point the application may do an open (), stat () or setuid (), 
intending to use the static buffer immediately after those calls
(a likely scenario with setuid () ?). However those calls may invalidate 
the pointers in the buffer.
I am not saying that this is a problem that needs immediate fixing,
only that it is an area of non-compliance. We may want to pay attention
to it when we revisit pw/gr to address the thread issues. 
> The *next* call copies
> other data into the static buffer.  Is there any sense to keep the
> static buffer in sync even though the application doesn't call
> the function again?  I don't think so.  It's even dangerous.
> I didn't get any email in October so I only saw your patch #4.
> I thought we would start from the beginning when I return from
> vacation.

I thought I had sent them in November, after you came back 
(after you sent the sshd update), but then you probably got a lot 
to do those days. Nothing has changed on my side, could you pick them 
up on the list? Thanks.


More information about the Cygwin-developers mailing list