[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why can't root check in files?
From: |
Greg A. Woods |
Subject: |
Re: Why can't root check in files? |
Date: |
Fri, 12 Oct 2001 13:18:39 -0400 (EDT) |
[ On Friday, October 12, 2001 at 12:12:27 (-0400), Larry Jones wrote: ]
> Subject: Re: Why can't root check in files?
>
> If you're using su to get to root, then CVS should be able to figure out
> your real userid and you should be able to commit. If not, you need to
> figure out why getlogin() doesn't work right on your system.
Getlogin() is not always secure [*], and it's not really portable
despite being defined by IEEE 1003.1. It should be OK on 4.4BSD. On
some other systems which track the original login ID there are other
similar calls which are supposedly secure....
[*] From the BUGS section of the 4.4BSD manual page:
In earlier versions of the system, the value returned
by getlogin() could not be trusted without checking the user ID.
Portable programs should probably still make this check.
(and that means if (*(getpwnam(getlogin))->pw_uid != getuid()) then the
result is untrusted)
--
Greg A. Woods
+1 416 218-0098 VE3TCP <address@hidden> <address@hidden>
Planix, Inc. <address@hidden>; Secrets of the Weird <address@hidden>
- Why can't root check in files?, luke, 2001/10/09
- Re: Why can't root check in files?, Larry Jones, 2001/10/10
- Re: Why can't root check in files?, luke, 2001/10/11
- Re: Why can't root check in files?, Mike Castle, 2001/10/11
- Re: Why can't root check in files?, luke, 2001/10/11
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/11
- Re: Why can't root check in files?, luke, 2001/10/14
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/15
- Re: Why can't root check in files?, luke, 2001/10/15
- Re: Why can't root check in files?, Larry Jones, 2001/10/12
- Re: Why can't root check in files?,
Greg A. Woods <=
- Re: Why can't root check in files?, Larry Jones, 2001/10/12
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/12
- Re: Why can't root check in files?, Eric Siegerman, 2001/10/12
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/11