Date: Tue, 5 Feb 2002 23:59:08 +0300 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Mark Murray <mark@grondar.za>, des@freebgsd.org Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c Message-ID: <20020205205907.GA8005@nagual.pp.ru> In-Reply-To: <200202051949.g15Jnhs12003@greenpeace.grondar.org> References: <20020205184059.GA6785@nagual.pp.ru> <200202051949.g15Jnhs12003@greenpeace.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 05, 2002 at 19:49:38 +0000, Mark Murray wrote:
> > On Tue, Feb 05, 2002 at 15:20:44 +0300, Andrey A. Chernov wrote:
> > >
> > > 1) You break applications which expect the same sequence from random()
> > > (when initializing srandom() to some fixed value) since insert random()
> > > calls in the middle of application ones.
> >
> > In case my description is unclear, here is example:
> >
> > App:
> > srandom(33);
> > random();
> > random();
> > call PAM library
> > PAM calls random();
> > PAM calls random()
> > return;
>
> /* application starts, control is handed over to the user */
> srandom(33);
> random(); /* sequence is OK. */
It is OK at this point, but broken _after_ PAM called.
Lets imagine srandom(33) produce this hypotetical sequence for random()
calls:
2,4,6,7,8,9,1,2
Without PAM application got _all_ the values.
With PAM, PAM got some values for itself:
2,4,5,7,8,9,1,2
^^^^^
\------ this three goes to PAM and not to application.
--
Andrey A. Chernov
http://ache.pp.ru/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020205205907.GA8005>