Re: [gamin] socket credentials: necessary?
- From: Daniel Veillard <veillard redhat com>
- To: "Neal H. Walfield" <neal walfield org>
- Cc: gamin-list gnome org
- Subject: Re: [gamin] socket credentials: necessary?
- Date: Wed, 15 Jun 2005 06:55:55 -0400
On Tue, Jun 07, 2005 at 02:42:40PM +0100, Neal H. Walfield wrote:
> > I'm not exclusive, but inclusive. You're touching a default behaviour
> > so those can't just be listed, examples coming to mind are the various AIXes,
> > MacOS X, HP-UX for example.
>
> This is the point I don't understand: the patch only fixes what the
> Gamin claims to already do, i.e. support systems without LOCAL_CRED.
> If a system does not have LOCAL_CRED defined but does have the
> cmsgcred structure then Gamin will not work on that system at all.
Well the patch actually trash the authentication on Linux. HAVE_CMSGCRED
is not defined, so we end up with lack_creds == 0 and as a result, socket
credentail are not even tested and c_pid is set to getuid() whicn also
mean all the debugging infrastructure can't report the PID of the target
process anymore. This is fairly bad since this ended up in 0.1.1 and
now I have 1/ a potential security problems and 2/ a broken debugging
infrastructure. I reverted the patch in CVS
Daniel
--
Daniel Veillard | Red Hat Desktop team http://redhat.com/
veillard redhat com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
