From owner-cvs-all  Tue Feb  5 20:15:37 2002
Delivered-To: cvs-all@freebsd.org
Received: from rover.village.org (rover.bsdimp.com [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9AD6D37B427; Tue,  5 Feb 2002 20:15:19 -0800 (PST)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.3/8.11.3) with ESMTP id g164FHi13044;
	Tue, 5 Feb 2002 21:15:18 -0700 (MST)
	(envelope-from imp@village.org)
Received: from localhost (warner@rover2.village.org [10.0.0.1])
	by harmony.village.org (8.11.6/8.11.6) with ESMTP id g164FEL34520;
	Tue, 5 Feb 2002 21:15:16 -0700 (MST)
	(envelope-from imp@village.org)
Date: Tue, 05 Feb 2002 21:14:52 -0700 (MST)
Message-Id: <20020205.211452.121219753.imp@village.org>
To: mark@grondar.za
Cc: ache@nagual.pp.ru, des@FreeBSD.org, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.c 
From: "M. Warner Losh" <imp@village.org>
In-Reply-To: <200202052219.g15MJhs32408@greenpeace.grondar.org>
References: <20020205214703.GA8579@nagual.pp.ru>
	<200202052219.g15MJhs32408@greenpeace.grondar.org>
X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

In message: <200202052219.g15MJhs32408@greenpeace.grondar.org>
            Mark Murray <mark@grondar.za> writes:
: > On Tue, Feb 05, 2002 at 23:59:08 +0300, Andrey A. Chernov wrote:
: > 
: > > It is OK at this point, but broken _after_ PAM called.
: > > Lets imagine srandom(33) produce this hypotetical sequence for random() 
: > > calls:
: > 
: > To see the bug, run following test application with "call_pam" set to 1 
: > and 0
: 
: The bug is doing userland stuff before the authentication IMO.
: 
: > #include <stdlib.h>
: > 
: > int call_pam = 0;
: > 
: > main()
: > {
: > srandom(33);
: > random();
: > random();
: > if (call_pam) libpam_steals_N_randoms();
: > printf("%d\n", random());
: > }
: 
: Should look like
: 
: #include <stdlib.h>
: 
: int call_pam = 0;
: 
: main()
: {
: if (call_pam) libpam_steals_N_randoms();
: srandom(33);
: random();
: random();
: printf("%d\n", random());
: }

What if I have to do some non-trival things before calling PAM, which
involve doing random stuff, and then I need top do non-trivial things
after calling PAM?  What if I'm using two such packages together?  No,
this doesn't scale well and should be avoid if we have a simple
solution at hand (which I think we do).

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message