[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re : Concerns about login

From: Marc-Olivier Mercier
Subject: Re : Concerns about login
Date: Thu, 06 Mar 2008 22:27:14 -0500
User-agent: Mozilla-Thunderbird (X11/20080109)

Samuel Thibault wrote:
Marc-Olivier Mercier, le Sun 24 Feb 2008 10:57:24 -0500, a écrit :
There's many patches possible :

4): treat (signed long)(-1) as a special case, allowing value 0 to
(signed long)(-2) to be used normally.

I've checked in SUSv3: uid_t is allowed to be unsigned
You're right. a simple patch like this one makes the paranoid option work. I tested it with login and it worked, it also worked with loginpr. I don't know if there is other stuff to change...

--Marc O.
Index: idvec-verify.c
RCS file: /sources/hurd/hurd/libshouldbeinlibc/idvec-verify.c,v
retrieving revision 1.11
diff -u -p -r1.11 idvec-verify.c
--- idvec-verify.c      6 Aug 2003 22:10:28 -0000       1.11
+++ idvec-verify.c      7 Mar 2008 02:36:59 -0000
@@ -258,7 +258,7 @@ verify_id (uid_t id, int is_group, int m
   /* VERIFY_FN should have been defaulted in idvec_verify if necessary.  */
   assert (verify_fn);
-  if (id >= 0)
+  if ((signed int)id != -1)
        if (is_group)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]