[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tpop3d-discuss]Some conditions may lead getpwuid to fail
From: |
Giampaolo Tomassoni |
Subject: |
[tpop3d-discuss]Some conditions may lead getpwuid to fail |
Date: |
Sat, 30 Sep 2006 16:45:54 +0200 |
Dears,
I see that in many auth_ modules in tpop3d (at least auth_pgsql) user
authentication involves the invoking of parse_uid() from util.c, followed by a
getpwuid() to obtain the user's struct passwd.
The purpose seems to me to obtain the struct passwd by allowing the user
database back-ends to return either a username or a uid.
Unfortunately, this causes some troubles to me. When it is difficult to assign
a unique id to each user, mailbox users are often given a single uid and the
user itself is identified only by its name, not by its uid. So, the chain
parse_uid() -> getpwuid() may give wrong results and should be avoided. Also,
it is inefficient when a username is involved, since basicly parse_uid() must
already obtain the passwd structure in order to convert the username to its uid.
The basic idea for a fix which doesn't impact on other cases, would be to use
getpwuid() only when the user field contains numbers, while relaying on
getpwnam() when a username is instead involved.
A attach a small patch which fixes this for the auth_pgsql module, since this
is the only one I can actually test. The patch adds the new function
get_pw_by_name_or_uid() to util.c, which basicly mimes the work of parse_uid(),
but gives back a struct passwd* by mean of getpwuid() or getpwnam(). In
auth_pgsql.c, a call to this function replaces the parse_uid() -> getpwuid()
chain.
I hope to see it in the main branch soon or later: it really seems to fix my
problem.
Regards,
-----------------------------------
Giampaolo Tomassoni - IT Consultant
Piazza VIII Aprile 1948, 4
I-53044 Chiusi (SI) - Italy
Ph: +39-0578-21100
tpop3d-1.5.3+pgsql-nogetpwuid.patch
Description: Binary data
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [tpop3d-discuss]Some conditions may lead getpwuid to fail,
Giampaolo Tomassoni <=