Date: Tue, 5 Feb 2002 15:24:10 -0700 From: Nate Williams <nate@yogotech.com> To: Mark Murray <mark@grondar.za> Cc: "Andrey A. Chernov" <ache@nagual.pp.ru>, des@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c Message-ID: <15456.23434.738687.902455@caddis.yogotech.com> In-Reply-To: <200202052219.g15MJhs32408@greenpeace.grondar.org> References: <20020205214703.GA8579@nagual.pp.ru> <200202052219.g15MJhs32408@greenpeace.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > It is OK at this point, but broken _after_ PAM called.
> > > Lets imagine srandom(33) produce this hypotetical sequence for random()
> > > calls:
> >
> > To see the bug, run following test application with "call_pam" set to 1
> > and 0
>
> The bug is doing userland stuff before the authentication IMO.
Naw, I agree with Andrey. Library calls like PAM shouldn't dictate the
order you do things.
Based on what I'm hearying, your change is ill-conceived and should be
backed out.
Nate
>
> > #include <stdlib.h>
> >
> > int call_pam = 0;
> >
> > main()
> > {
> > srandom(33);
> > random();
> > random();
> > if (call_pam) libpam_steals_N_randoms();
> > printf("%d\n", random());
> > }
>
> Should look like
>
> #include <stdlib.h>
>
> int call_pam = 0;
>
> main()
> {
> if (call_pam) libpam_steals_N_randoms();
> srandom(33);
> random();
> random();
> printf("%d\n", random());
> }
>
> M
> --
> o Mark Murray
> \_ FreeBSD Services Limited
> O.\_ Warning: this .sig is umop ap!sdn
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15456.23434.738687.902455>