ntsec patch #4: passwd and group

Corinna Vinschen vinschen@redhat.com
Tue Nov 12 09:18:00 GMT 2002

On Tue, Nov 12, 2002 at 12:02:43PM -0500, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
> > 
> > I'm not sure if we're talking about the same static buffer. 
> Right, we were not. What you propose is fine, with two 
> caveats:
> 1) Internal calls (from setuid, stat, etc... ) to getpwuid etc...
> should not overwrite the static area 

I Agree.  I didn't mention that because it's obvious.  All internal
calls to getpwXXX and friends should be substituted by an internal

> 2) The "maximum useful size" can be very large for the group 
> entries. They can have a lot of names in the gr_mem field.

If using a global buffer, it can be allocated by the getpwXXX
as needed.

> I have another suggestion that would allow keeping what we do now in the
> non-reentrant  case (i.e. avoid doing the copying to the static buffer): 
> simply never re-read the passwd file when called internally (from
> setuid, stat, etc..). Only do it on application calls to pw/gr functions.
> I think that's perfectly standard conformant and it won't break anything. 

Sounds like a very good idea.

> We still need to do something, either the "copy everything" or the
> "don't reread for internal calls". The advantage of the "don't reread" 
> is that it's faster (important for internal loops) and requires 
> fewer changes. If you don't object I will look further into it,
> but not urgently.

No objections.  I like the idea.  Why should Cygwin reread that stuff
internally when even the application doesn't care so far?


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.

More information about the Cygwin-developers mailing list