This is the mail archive of the cygwin-patches@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Part 2 of Fixing a security hole in pinfo.


At 10:03 AM 9/15/2003 +0200, you wrote:
>On Sat, Sep 13, 2003 at 10:30:55PM -0400, Christopher Faylor wrote:
>> On Sat, Sep 13, 2003 at 10:07:42PM -0400, Pierre A. Humblet wrote:
>> >This is the second and final part of the pinfo security patch. 
>> 
>> Looks like a Corinna yea or nay on this one.
>
>The changes look good.  Please apply, Pierre.

Done

>FYI:
>
>What bugged me when reading the patch was my decision at one point to
>use the phrase "orig_sid".  The "orig_sid" is basically what is called
>a "saved id" in POSIX systems and I think it would help reading the
>code if we also rename orig_sid/orig_uid/orig_gid to saved_sid/saved_uid/
>saved_gid and using the phrase "saved" instead of "orig" or "original"
>throughout.

It's true that there are similarities, but there are also important
differences, so using the exact same name may be confusing. 
Not sure what to suggest, your original choice makes sense to me :)

There is also a change I'd like to make eventually: the original_sid
and the sid are cmalloc'ed. As they have a fixed size and every process
needs them, we might as well make them cygsid's in the user structure.
That would be safer and would simplify a few things.

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]