delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin-developers/2002/11/11/11:47:26

Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Date: Mon, 11 Nov 2002 17:47:20 +0100
From: Corinna Vinschen <vinschen AT redhat DOT com>
To: cygwin-developers AT cygwin DOT com
Subject: Re: ntsec patch #4: passwd and group
Message-ID: <20021111174720.X10395@cygbert.vinschen.de>
Reply-To: cygwin-developers AT cygwin DOT com
Mail-Followup-To: cygwin-developers AT cygwin DOT com
References: <3DCBD52C DOT A1F794FD AT ieee DOT org> <20021108171918 DOT P21920 AT cygbert DOT vinschen DOT de> <3DCBEFF5 DOT 850B999E AT ieee DOT org> <20021111145612 DOT T10395 AT cygbert DOT vinschen DOT de> <3DCFC6BB DOT 570DF472 AT ieee DOT org>
Mime-Version: 1.0
In-Reply-To: <3DCFC6BB.570DF472@ieee.org>
User-Agent: Mutt/1.3.22.1i

On Mon, Nov 11, 2002 at 10:03:23AM -0500, Pierre A. Humblet wrote:
> Corinna Vinschen wrote:
> > Hmmm.  I understand.  Yes, that's actually potentially harmful.
> > So we have to encapsulate the whole call into a mutex bracket,
> > unfortunately...  Oh, and all returned pointer would have to
> > point to a copied datatstructure instead of pointing into
> > the passwd or group structure.
> 
> Exactly, we need one of these "one writer or many readers" mutexes. 

I don't think it makes sense to use a sophisticated mutex thingy for
reading passwd/group info.  See below.

> There are still a couple of places where internal_getgrent () is 
> called and they will have to be cleaned up some way.

That's correct, they are undermining thread safety.  However, they
are not alwaus used to retrieve the SID.  Some calls are basically 
used to get a uid/gid or the whole passwd/group entry.  OTOH, they
must not interfere with the internal calls.  We still need "internal"
calls additionally to your getgrsid/getpwsid calls.

> For the external API, a mutex isn't enough, we will have to copy the
> strings that are in the internal buffer. That will work for the _r series
> of pw/gr calls, but not for the calls returning static storage.
> That's why I was asking if you knew applications that NEED to reread 
> passwd/group as soon as it is changed. 

That's not a problem at all.  The non _r calls are not meant to
be thread safe so they may use static local buffers legally.

> P.S.: did you have a chance to look at the first three patches?

You didn't send patches, just a ChangeLog entry.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019