Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Date: Mon, 11 Nov 2002 17:47:20 +0100 From: Corinna Vinschen To: cygwin-developers AT cygwin DOT com Subject: Re: ntsec patch #4: passwd and group Message-ID: <20021111174720.X10395@cygbert.vinschen.de> Reply-To: cygwin-developers AT cygwin DOT com Mail-Followup-To: cygwin-developers AT cygwin DOT com References: <3DCBD52C DOT A1F794FD AT ieee DOT org> <20021108171918 DOT P21920 AT cygbert DOT vinschen DOT de> <3DCBEFF5 DOT 850B999E AT ieee DOT org> <20021111145612 DOT T10395 AT cygbert DOT vinschen DOT de> <3DCFC6BB DOT 570DF472 AT ieee DOT org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DCFC6BB.570DF472@ieee.org> User-Agent: Mutt/1.3.22.1i On Mon, Nov 11, 2002 at 10:03:23AM -0500, Pierre A. Humblet wrote: > Corinna Vinschen wrote: > > Hmmm. I understand. Yes, that's actually potentially harmful. > > So we have to encapsulate the whole call into a mutex bracket, > > unfortunately... Oh, and all returned pointer would have to > > point to a copied datatstructure instead of pointing into > > the passwd or group structure. > > Exactly, we need one of these "one writer or many readers" mutexes. I don't think it makes sense to use a sophisticated mutex thingy for reading passwd/group info. See below. > There are still a couple of places where internal_getgrent () is > called and they will have to be cleaned up some way. That's correct, they are undermining thread safety. However, they are not alwaus used to retrieve the SID. Some calls are basically used to get a uid/gid or the whole passwd/group entry. OTOH, they must not interfere with the internal calls. We still need "internal" calls additionally to your getgrsid/getpwsid calls. > For the external API, a mutex isn't enough, we will have to copy the > strings that are in the internal buffer. That will work for the _r series > of pw/gr calls, but not for the calls returning static storage. > That's why I was asking if you knew applications that NEED to reread > passwd/group as soon as it is changed. That's not a problem at all. The non _r calls are not meant to be thread safe so they may use static local buffers legally. > P.S.: did you have a chance to look at the first three patches? You didn't send patches, just a ChangeLog entry. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc.