[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Issues with last Friday's CVS
From: |
Richard Frith-Macdonald |
Subject: |
Re: Issues with last Friday's CVS |
Date: |
Wed, 8 Oct 2003 11:45:17 +0100 |
On Wednesday, October 8, 2003, at 08:30 AM, Frédéric PRACA wrote:
Selon Adam Fedor <fedor@doc.com>:
Hi,
base/Tools:
gdomap:
* 'when' is still defined as 'long', not 'time_t'
* It's still jailing the process in /tmp THEN tries to get the
uid and gid -- which OF COURSE will fail, because there is no
/etc/passwd to access. You'll end up with a ridiculously high
user id (sth. like 4mio)
I've sent a patch for those two weeks ago, so I'm curious about this
one...
I think it's a decent patch, but I'd still like comments from other
people about it.
My comment is not probably really useful as I have FreeBSD like Chris
but
without that patch, gdomap is running under an arbitrary uid (just a
number in
fact) and consumes 100% CPU. So, looking for that patch every time I
check out
the whole tree is quite not easy.
I think I missed the original patch, but I've just altered gdomap.c to
add a few
checks and to reposition the call to getpwnam() before the chroot.
However, the existing code was fail-safe in that in the event of
getpwnam()
failing, it uses -2 (which with the normal 16-bit uid/gid is set as
65534 ...
which is conventionally the uid/gid given to the 'nobody' account).
In other words ... the actual uid/gid set should have been the expected
safe one anyway.
Re: Issues with last Friday's CVS, Matt Rice, 2003/10/07