Date: Tue, 20 Nov 2001 17:34:36 +0200 From: Ruslan Ermilov <ru@FreeBSD.org> To: Anton Berezin <tobez@tobez.org>, Max Khon <fjoe@iclub.nsu.ru>, current@FreeBSD.org Subject: Re: misc/15421 (was: Re: initgroups) Message-ID: <20011120173436.B49056@sunbay.com> In-Reply-To: <20011120154352.D36033@heechee.tobez.org> References: <20011114021956.B10325@iclub.nsu.ru> <3BF19EA9.3FC5F040@mindspring.com> <20011119181949.R32927@sunbay.com> <20011119222854.B38492@iclub.nsu.ru> <20011120150239.D7645@sunbay.com> <20011120151250.C36033@heechee.tobez.org> <20011120162703.A34879@sunbay.com> <20011120154352.D36033@heechee.tobez.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 20, 2001 at 03:43:52PM +0100, Anton Berezin wrote: > On Tue, Nov 20, 2001 at 04:27:03PM +0200, Ruslan Ermilov wrote: > > On Tue, Nov 20, 2001 at 03:12:50PM +0100, Anton Berezin wrote: > > > On Tue, Nov 20, 2001 at 03:02:39PM +0200, Ruslan Ermilov wrote: > > > > > While this is indeed a good thing to do, this is completely > > > > unrelated to the above mentioned problem, and should be done > > > > separately. Here's the list of src/ files that do not check the > > > > return value of initgroups(3), and may need to be fixed, but some > > > > of them explicitly ignore the result to indicate the fact they > > > > consider this error non-fatal. > > > > > libexec/ftpd/ftpd.c > > > > libexec/rexecd/rexecd.c > > > > usr.bin/calendar/calendar.c > > > > usr.sbin/inetd/inetd.c > > > > > > There used to be *many* more problematic files. Please see > > > > > > http://www.freebsd.org/cgi/getmsg.cgi?fetch=801566+0+/usr/local/www/db/text/2001/freebsd-stable/20010722.freebsd-stable > > > > > > To my knowledge, only printjob.c was fixed, though I have not looked > > > into every file in the list since then. > > > Yes, but I specifically left contrib/ and crypto/ files, and files that > > do not check the result of other calls like setgrp() etc. > > We do not want to omit contrib/ files, since the whole hoopla started > because of the contrib/cvs/. > > > > But as I said in the private message, I do not feel strongly about > > > this, and I think that the fix can be safely committed. I do not > > > think these things are quite unrelated, though. :-) > > > Not checking the return value is always BAD except when (not) done > > intentionally (flagged by a(void)ing the return value of a function), > > whether or not a function in question prints some diagnostic output on > > standard error; that's why I still think these problems are in fact > > unrelated. :-) > > In this case your own version of the fix should be modified from > > + getgrouplist(uname, agroup, groups, &ngroups); > + return (setgroups(ngroups, groups); > > to > > + (void) getgrouplist(uname, agroup, groups, &ngroups); > + return (setgroups(ngroups, groups); > > , to be pedantic. :-) > Not actually, because getgrouplist(3) is special in that -1 is not actually an error, but an indication that the resulting array was too small to hold all groups. :-) > The point I am trying to (not very strongly) make is that we at least > have some indication that there is a problem with the current behavior > (with the exception of the daemons with closed/redirected to /dev/null > stderr). By (rightfully) fixing initgroups(), we loose even this > precious little diagnostic we have. That's why initgroups() fix and the > code audit are probably best done at the same time - unless we can > guarantee the audit part will not be forgotten. > Sure, you can just change the synopsis of your PR. :-) Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011120173436.B49056>