From owner-svn-src-head@FreeBSD.ORG Thu Dec 27 20:25:57 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8E69E79E; Thu, 27 Dec 2012 20:25:57 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) by mx1.freebsd.org (Postfix) with ESMTP id C09748FC08; Thu, 27 Dec 2012 20:25:56 +0000 (UTC) Received: by mail-wi0-f170.google.com with SMTP id hq7so4780249wib.5 for ; Thu, 27 Dec 2012 12:25:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:sender:date:from:to:cc:subject:message-id:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=CtpHTZfhoQkJMNGQ5m4TgbGiQtaeXmSHCHjHrlix+yo=; b=HkgKs4AgHhhvyCxYETzRWhA19740nEfCjGHhErYtYDmkZ6vlHPTDBSI2jiYQ4J7piF tgnTKP3Reg/3jg6VQ502vNQI5EVW1PGluiIz2dM9eQ0ZB0ZZInboyoUXHFdsGwgTkseh GeaG1q+M4MK3mSfILB0PYQoRgcV7+IAMQ98C13XZr+l58OYU5lRPPDpVZVG0fJDVCJB0 NzXtXIEPFnW/17FdeVR41M2C0Ntvkb4+G9x0zvNDfjuORjOMnRzX81eTSWjC+QryCWon cGGKAyx0+kPGQ2cZf0fCqxSEp5I+04kg3BbhHHWS9HA7lTeZ47uYqtmulAr9aLuIwzKx FK4Q== X-Received: by 10.194.5.74 with SMTP id q10mr50873600wjq.13.1356639955880; Thu, 27 Dec 2012 12:25:55 -0800 (PST) Received: from ithaqua.etoilebsd.net (ithaqua.etoilebsd.net. [37.59.37.188]) by mx.google.com with ESMTPS id u6sm50982844wif.2.2012.12.27.12.25.54 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 27 Dec 2012 12:25:55 -0800 (PST) Sender: Baptiste Daroussin Date: Thu, 27 Dec 2012 21:25:53 +0100 From: Baptiste Daroussin To: Jilles Tjoelker Subject: Re: svn commit: r244735 - head/lib/libutil Message-ID: <20121227202553.GA48771@ithaqua.etoilebsd.net> References: <201212271409.qBRE9ogT092286@svn.freebsd.org> <20121227202113.GA36622@stack.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OXfL5xGRrasGEqWY" Content-Disposition: inline In-Reply-To: <20121227202113.GA36622@stack.nl> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Dec 2012 20:25:57 -0000 --OXfL5xGRrasGEqWY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 27, 2012 at 09:21:13PM +0100, Jilles Tjoelker wrote: > On Thu, Dec 27, 2012 at 02:09:50PM +0000, Baptiste Daroussin wrote: > > Author: bapt > > Date: Thu Dec 27 14:09:50 2012 > > New Revision: 244735 > > URL: http://svnweb.freebsd.org/changeset/base/244735 >=20 > > Log: > > Use flopen(3) instead of open(2) + flock(2) >=20 > > Modified: > > head/lib/libutil/gr_util.c > > head/lib/libutil/pw_util.c >=20 > > Modified: head/lib/libutil/gr_util.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > --- head/lib/libutil/gr_util.c Thu Dec 27 13:21:37 2012 (r244734) > > +++ head/lib/libutil/gr_util.c Thu Dec 27 14:09:50 2012 (r244735) > > @@ -106,10 +106,8 @@ gr_lock(void) > > for (;;) { > > struct stat st; > > =20 > > - lockfd =3D open(group_file, O_RDONLY, 0); > > - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) =3D=3D -1) > > - err(1, "%s", group_file); > > - if (flock(lockfd, LOCK_EX|LOCK_NB) =3D=3D -1) { > > + lockfd =3D flopen(group_file, O_RDONLY|O_NONBLOCK, 0); > > + if (lockfd =3D=3D -1) { > > if (errno =3D=3D EWOULDBLOCK) { > > errx(1, "the group file is busy"); > > } else { > >=20 > > Modified: head/lib/libutil/pw_util.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > --- head/lib/libutil/pw_util.c Thu Dec 27 13:21:37 2012 (r244734) > > +++ head/lib/libutil/pw_util.c Thu Dec 27 14:09:50 2012 (r244735) > > @@ -179,11 +179,8 @@ pw_lock(void) > > for (;;) { > > struct stat st; > > =20 > > - lockfd =3D open(masterpasswd, O_RDONLY, 0); > > - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) =3D=3D -1) > > - err(1, "%s", masterpasswd); > > - /* XXX vulnerable to race conditions */ > > - if (flock(lockfd, LOCK_EX|LOCK_NB) =3D=3D -1) { > > + lockfd =3D flopen(masterpasswd, O_RDONLY|O_NONBLOCK, 0); > > + if (lockfd =3D=3D -1) { > > if (errno =3D=3D EWOULDBLOCK) { > > errx(1, "the password db file is busy"); > > } else { >=20 > The fcntl(lockfd, F_SETFD, 1) was removed and not replaced by anything. > The comment in pw_util.c gives the impression that this is vital for > security; in fact, chpass does not keep the password file locked across > a user's editor. However, the idea of setting close-on-exec on this file > descriptor is good. Please add |O_CLOEXEC to the flopen() flags in both > cases. done concerning the |O_CLOEXEC Thanks, Bapt --OXfL5xGRrasGEqWY Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlDcrtEACgkQ8kTtMUmk6EycFwCdF1xPYXG5A6f2wTEKP3a676E3 DDAAn1INZDmCDUeL2jjekC43iJpQ+d8N =ZfCq -----END PGP SIGNATURE----- --OXfL5xGRrasGEqWY--