Re: idvec-verify...

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: idvec-verify...

From:	Alfred M. Szmidt
Subject:	Re: idvec-verify...
Date:	Sat, 23 Oct 2004 09:54:27 +0200

   addauth with numeric IDs that are not in passwd/group/shadow should
   still work for root.  Does it?

For some value of works, yes.  ids will segfault if you try to list
effective/active ids in idvec-rep.c:loopkup_uid() since we try to
access memory at NULL (line 133).  Doing a rmauth will casue it to
work again.

   When it fails for a nonroot user it should diagnose a more useful
   error than EINVAL, at least EPERM.

Right.

   In fact, really addauth should just handle numeric IDs and try it,
   and when the auth server refuses for nonroot the EPERM return from
   auth_makeauth should propagate all the way back.

The idvec-verify.c functions still shouldn't cause a segfault, the
same applies to idvec-rep.c and any other case that doesn't check what
get*_r() returns.

Maybe just fixing get*_r() to set a return value of != 0 if the
structure it returns is NULL would be a better fix.  What do you
think?


Cheers.

[Prev in Thread]

Current Thread

[Next in Thread]

idvec-verify..., Alfred M. Szmidt, 2004/10/22
- Re: idvec-verify..., Roland McGrath, 2004/10/22
  - Re: idvec-verify..., Alfred M. Szmidt <=
    - Re: idvec-verify..., Roland McGrath, 2004/10/23
    - Re: idvec-verify..., Alfred M. Szmidt, 2004/10/23
    - Re: idvec-verify..., Roland McGrath, 2004/10/23
    - Re: idvec-verify..., Alfred M. Szmidt, 2004/10/23

Prev by Date: New! Vìagra soft tabs.
Next by Date: Re: [PATCH] eepro100.c on Thinkpad T30
Previous by thread: Re: idvec-verify...
Next by thread: Re: idvec-verify...
Index(es):
- Date
- Thread