X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:in-reply-to:message-id :references:mime-version:content-type; q=dns; s=default; b=ub3u8 ItUzs6bxM9pXm05lFcgCfRlZAj7MiQO2TKHkF+9lNvD4UCSKVSgzJeWHQ6yd21qT SYDJr1KqY8LNNqq/IlquxpW1TWB7QtH5/JqcVnsmkw3SG8DQkdenFeRHclN+IGRN Z7y/s4BrT+JAKUwmIEDK1SqvJDTfegQpZyC/FA= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:in-reply-to:message-id :references:mime-version:content-type; s=default; bh=dtrkiGv6P76 nI2D25c/R6K5q0Fo=; b=ruwU4WHXchcI8IGb562BXUn/ioiN0WHqPa8pv5QEYma LTea9faHzMDo/dWYFPA1jk69PmGaes2FA6zDaa73l+CgimzCMxddUU3LVFDfUmvU FbNcP7B0+Vnn3OwMNmlX6t0vZagvo1qV84wi1KoyT42+jekif/lxPlIA/nGSZDaM = Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.4 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: mail.sciencetools.com Date: Wed, 12 Feb 2014 06:48:47 -0800 (PST) From: Richard To: cygwin@cygwin.com Subject: Re: get rid of getpwent? (Was: cygwin-1.7.28 getpwent header declaration changes ?) In-Reply-To: <20140212090804.GM2821@calimero.vinschen.de> Message-ID: References: <31347914-BB4F-4039-984B-731B6C72F903@etr-usa.com> <52F7AEC5.5090205@tiscali.co.uk> <8B7B5FE0-7413-4358-BA8A-E0B6E0B17653@etr-usa.com> <52F8B50E.7040307@lysator.liu.se> <52F92D58.9030408@etr-usa.com> <52F95D1D.4050108@tiscali.co.uk> <4510121021.20140211062515@mtu-net.ru> <52FAB14C.8060800@tiscali.co.uk> <52FABAF5.2060701@etr-usa.com> <52FAD730.9090507@redhat.com> <20140212090804.GM2821@calimero.vinschen.de> User-Agent: Alpine 2.03 (LFD 1266 2009-07-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-IsSubscribed: yes On Wed, 12 Feb 2014, Corinna Vinschen wrote: > On Feb 11 19:06, Eric Blake wrote: >> On 02/11/2014 05:06 PM, Warren Young wrote: >>> On 2/11/2014 16:25, David Stacey wrote: >>>> getpwent() is called in three different places. >>> >>> To those of you who have investigated these code paths: do any of them >>> look like they couldn't be replaced by getpwnam() or other calls that >>> would let cygwin1.dll do single-record AD/SAM lookups, rather than >>> whole-table/tree scans? >>> >>> That is, do any of these programs really need to visit every record in >>> /etc/passwd? >> >> libreadline wants to know how to tab-complete ~foo; to do that, it has >> to find all usernames beginning with foo. How would you do that without >> visiting every single record? > > This seems to be the major usage of getpwent these days. The question > is, how bad is it if only a handful entries, or even only a single one > (of oneself) show up? > > Either way, implementing a full getpwent requires to return the local > users, the users of the primary domain, and the users of all trusted > domains. I know of domains with 200K users and there are probably > bigger ones. How long should a search take when a user presses > after the ~? And then, shall the process running the getpwent actually > cache all of them? This seems really excessive. > Not only is it excessive, it's a massive security hole. ...I don't know why the present crop of geniuses don't know one of the most fundamental rules of security: don't give up usernames. (Yet, they do it all the time.) I vote get rid of the damned thing - not that my vote counts or that this is the place for it anyway! Richard -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple