From owner-cvs-all  Tue Feb  5 14:28:46 2002
Delivered-To: cvs-all@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3066837B41D; Tue,  5 Feb 2002 14:28:38 -0800 (PST)
Received: (from ache@localhost)
	by nagual.pp.ru (8.11.6/8.11.6) id g15MSX109179;
	Wed, 6 Feb 2002 01:28:34 +0300 (MSK)
	(envelope-from ache)
Date: Wed, 6 Feb 2002 01:28:31 +0300
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Mark Murray <mark@grondar.za>
Cc: des@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c
Message-ID: <20020205222829.GA9120@nagual.pp.ru>
References: <20020205214703.GA8579@nagual.pp.ru> <200202052219.g15MJhs32408@greenpeace.grondar.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200202052219.g15MJhs32408@greenpeace.grondar.org>
User-Agent: Mutt/1.3.27i
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

On Tue, Feb 05, 2002 at 22:19:38 +0000, Mark Murray wrote:
> > On Tue, Feb 05, 2002 at 23:59:08 +0300, Andrey A. Chernov wrote:
> > 
> > > It is OK at this point, but broken _after_ PAM called.
> > > Lets imagine srandom(33) produce this hypotetical sequence for random() 
> > > calls:
> > 
> > To see the bug, run following test application with "call_pam" set to 1 
> > and 0
> 
> The bug is doing userland stuff before the authentication IMO.

1) Program must be able prepare yourself before auth, some operations like 
initializations, server key generations etc. can take a long time and when 
daemon starts, he do that _before_ starting auth.

2) The fact that random() and srandom() are unsafe in the libraries
discussed almost in every Unix book I saw with usual recommendation to
avoid them in the general purpose libraries. I don't see any reason why
PAM is so special to not follow this rule.

3) All programs behave like they _owns_ random() internal state and not
expect any damages from the libraries here. If you want PAM be special, it
must be well documented in all visible PAM manpages and docs.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message