Date: Mon, 04 Jun 2012 13:20:21 -0500 From: Bryan Drewery <bryan@shatow.net> To: freebsd-hackers@freebsd.org Subject: Re: [RFC] last(1) with security.bsd.see_other_uids support Message-ID: <4FCCFC65.4090400@shatow.net> In-Reply-To: <4FCCB584.4050808@shatow.net> References: <4FCC126C.1020600@shatow.net> <20120604094214.GC1387@garage.freebsd.pl> <4FCCB584.4050808@shatow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig1516D44EF4348E22ACAD7A95
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 6/4/2012 8:17 AM, Bryan Drewery wrote:
>=20
>=20
> On 6/4/2012 4:42 AM, Pawel Jakub Dawidek wrote:
>> A library is definiately a better place, although then I wouldn't pass=
>> see_other_uids as an argument, but obtain it within the function itsel=
f.
>=20
> Does libc make sense for this? I'm thinking yes since it's where the ut=
x
> functions live.
>=20
> In particular this change seems to make sense in getutxent(3).
>=20
> Though I do not want to violate POSIX...
>=20
> The endutxent(), getutxent(), getutxid(), getutxline() and setutxe=
nt()
> functions are expected to conform to IEEE Std 1003.1-2008
> (``POSIX.1'').
>=20
Found this [1]:
An implementation that provides extended security controls may
impose implementation-defined restrictions on accessing the user
accounting database. In particular, the system may deny the
existence of some or all of the user accounting database entries
associated with users other than the caller.
So POSIX allows this.
I will proceed and submit another patch for review soon.
Regards,
Bryan Drewery
bdrewery@freenode, bryan@EFNet
[1] http://pubs.opengroup.org/onlinepubs/009695399/functions/getutxid.htm=
l
--------------enig1516D44EF4348E22ACAD7A95
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJPzPxlAAoJEG54KsA8mwz5OicQAKqrHdLvO0tqMcLHYQFTkgBe
Y8XH6PcG6JkiCxp6J5kVA6gQlOX5HKAWMD/qw7NMzxavRYuogGJf6vm3b66tp1A+
aA7yLr5MPPSW8L2FiQjskax38lWB3OSvQzrRKC6gPxQAzgkXVCpQ+krcSMGFgl6/
abX28PI9yytp1XWwv0gFO68CB5lWcmsStj5oGS2BaucpRuJuJmCJ9RWbFyeXcllY
TUNfHzVaXPQ4MxDJQMwGHvCZoLRcAHZIeYdErbaKvtu17t2eGz6mnjW6mi9CJ8ol
A3eTp+kh1rTKmqjWcZZuqSFYsKTO3zAus7PO3ZTNK5hyfubX9DAqydgjRaboJTep
3LadKoK6XtZaSw4apyy1HxG2piqC0i9yz/VzAVa/+SWTxBLNgCStNZlnL9c0WQli
bfUOuGN2spE7hWAqJxsooiu2eO/1Rm6awxUkxKg6M969coRBMX5CnBrUIvzb20lF
IADjoakUJL3pfOTV1RtCsmTGOFccevVEwrSToXTgUrZ0MRTAYHOY7n05mNpFToiv
U0Cp1JEr3zFwurnyT21jUksXkZEL9mHqxyC+ZKGlLR+GL6OFlDTkUPUQQrEZDjz7
yUuseCzWkgLXO3EdArEM2tiM+RnjRn8yvTI3QyIiStDwkcgGzLxJ3IDzWmfUAQVW
lmSxMqJvuk1d0ed+fAl9
=Zjx3
-----END PGP SIGNATURE-----
--------------enig1516D44EF4348E22ACAD7A95--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FCCFC65.4090400>