[PATCH] Re: pthread -- Corinna?

Christopher Faylor cgf@redhat.com
Mon Apr 16 22:45:00 GMT 2001


On Tue, Apr 17, 2001 at 03:32:24PM +1000, Robert Collins wrote:
>> -----Original Message-----
>> From: Christopher Faylor [ mailto:cgf@redhat.com ]
>> Sent: Tuesday, April 17, 2001 3:27 PM
>> To: cygwin-patches@cygwin.com; cygwin-xfree@cygwin.com
>> Subject: Re: [PATCH] Re: pthread -- Corinna?
>> 
>> 
>> On Tue, Apr 17, 2001 at 02:57:58PM +1000, Robert Collins wrote:
>> >> I won't disagree with the thought of getting rid of 
>> passwd_sem since
>> >> that is what I've been saying from the start.  I don't like the
>> >> idea of allowing a one-off parse of /etc/passwd, though.
>> >
>> >Why not? I'm suggesting that we actually get to check security on
>> >/etc/passwd in calls to getpwnam. Or is that a bad thing?
>> 
>> Not in general, but I know from experience that adding /etc/passwd
>> parsing slows down things badly and people complain.  I still have a
>> nagging feeling that we should be able to do this without resorting to
>> double parsing, too...  It's too late for me to do creative thinking,
>> though.
>
>Sure I agree with that. 
>
>My suggest re: manual parsing was broken. I'm not truely awake myself...
>(We'd re-enter fopen). Further thinking suggests that:
>
>we have two options and one bugfix.
>Bugfix: (We should set a notification on changes to /etc/password and
>reparse it if needed).

Yes.  We should add this as a todo item.  It's been a longstanding goal.

Cygwin could notice when it closes /etc/passwd after writing and reparse
it.  That wouldn't handle the case of people modifying /etc/passwd
via notepad but, nyah! nyah!

We also need to protect /etc/passwd parsing with a global lock.

>1) fail (return -1 or 0).
>2) inform the fopen function that we are bootstrapping our user list,
>don't check security (but user access to /etc/password must still get
>checked).
>
>I don't know the best way to do 2). Telling get_id_from_sid is the wrong
>way IMO. (The point being that on unix, the kernel _always_ has read
>access to files, and thus should always manage to read /etc/passwd.

So, that should be satisfied by my change.  /etc/passwd will be read
correctly when cygwin wants to access it but "user" attempts will fail.

cgf



More information about the Cygwin-patches mailing list