Date: Wed, 15 Nov 1995 01:32:33 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: Peter Wemm <peter@jhome.dialix.com> Cc: committers@freebsd.org, davidg@Root.COM, security@freebsd.org Subject: Re: cvs commit: CVSROOT log_accum.pl Message-ID: <mz1aHgme-7@ache.dialup.demos.ru> In-Reply-To: <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>; from Peter Wemm at Tue, 14 Nov 1995 22:21:56 %2B0800 (WST) References: <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.3.91.951114220712.4688H-100000@jhome.DIALix.COM>
Peter Wemm writes:
>The original implementation in 4.3BSD (or one of the -net releases)
>apparently the login name stored in the user struct and had it being
>strictly inherited from parent to child like setuid(). Somewhere along
>the way, it seems to have changed semantics to something that is somewhat
>"non-obvious". (witness the confusion about how to use it in all the
>code.. even 4.4BSD itself was not compatable with it's own semantics).
>I still think we should move the login name to the "struct ucred" - then
>the possibility of the entire session being accidently changed would no
>longer be an issue. struct ucred is normally 76 bytes long now. Another
>12 bytes wouldn't hurt all that much... (especially since another
>transient data structure would shrink as a result to partly offset the cost).
I agree. I is better fix than setlogin() restriction and compatible
with all existen software. Do you have a patch to look at?
--
Andrey A. Chernov : And I rest so composedly, /Now, in my bed,
ache@astral.msk.su : That any beholder /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead.
RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?mz1aHgme-7>