Re: new module 'pt_chown'

[Bruno Haible]

Hi Simon,

> Did you intend for the 'grantpt' and 'pt_chown' modules (marked as LGPL)
> to depend on 'idpriv-drop' which is marked as GPL?  I'm not sure what
> you meant above though, so I could be missing something, but I got these
> warnings:
> 
> gnulib-tool: warning: module grantpt depends on a module with an incompatible 
> license: idpriv-drop
> gnulib-tool: warning: module pt_chown depends on a module with an 
> incompatible license: idpriv-drop

Oops, I did not see this. In fact, dropping the privileges is not needed here
(except if you consider strcmp and printf with literal strings "dangerous"
operations, which I don't).


2010-03-23  Bruno Haible  <address@hidden>

        pt_chown: Don't depend on GPLed modules.
        * lib/pt_chown.c: Don't include idpriv.h.
        (main): Don't drop privileges.
        * modules/pt_chown (Depends-on): Remove idpriv-drop.
        Reported by Simon Josefsson.

--- lib/pt_chown.c.orig Wed Mar 24 01:03:22 2010
+++ lib/pt_chown.c      Wed Mar 24 01:02:19 2010
@@ -25,7 +25,6 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
-#include "idpriv.h"
 #include "pty-private.h"
 
 /* For security reasons, we try to minimize the dependencies on libraries
@@ -83,9 +82,8 @@
       return do_pt_chown ();
     }
 
-  /* We aren't going to be using privileges, so drop them right now. */
-  if (idpriv_drop () < 0)
-    return EXIT_FAILURE;
+  /* It would be possible to drop setuid/setgid privileges here.  But it is not
+     really needed, since the code below only calls strcmp and [f]printf.  */
 
   {
     int do_help = 0;
--- modules/pt_chown.orig       Wed Mar 24 01:03:22 2010
+++ modules/pt_chown    Wed Mar 24 01:03:00 2010
@@ -6,7 +6,6 @@
 lib/pty-private.h
 
 Depends-on:
-idpriv-drop
 ptsname
 
 configure.ac: