From owner-freebsd-stable  Thu Jul 19 16:13:29 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from heechee.tobez.org (254.adsl0.ryv.worldonline.dk [213.237.10.254])
	by hub.freebsd.org (Postfix) with ESMTP id EE74A37B403
	for <freebsd-stable@FreeBSD.ORG>; Thu, 19 Jul 2001 16:13:24 -0700 (PDT)
	(envelope-from tobez@tobez.org)
Received: by heechee.tobez.org (Postfix, from userid 1001)
	id 6E7595450; Fri, 20 Jul 2001 01:13:20 +0200 (CEST)
Date: Fri, 20 Jul 2001 01:13:20 +0200
From: Anton Berezin <tobez@tobez.org>
To: Garance A Drosihn <drosih@rpi.edu>
Cc: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>,
	FreeBSD Stable <freebsd-stable@FreeBSD.ORG>
Subject: Re: initgroups unsolicited warning?
Message-ID: <20010720011320.B65584@heechee.tobez.org>
Mail-Followup-To: Anton Berezin <tobez@tobez.org>,
	Garance A Drosihn <drosih@rpi.edu>,
	"Jeroen C. van Gelderen" <jeroen@vangelderen.org>,
	FreeBSD Stable <freebsd-stable@FreeBSD.ORG>
References: <3B5713AB.79322FDA@vangelderen.org> <20010719234413.A64433@heechee.tobez.org> <20010720001429.A65236@heechee.tobez.org> <p0510100db77d1591d36e@[128.113.24.47]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <p0510100db77d1591d36e@[128.113.24.47]>; from drosih@rpi.edu on Thu, Jul 19, 2001 at 07:02:39PM -0400
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Thu, Jul 19, 2001 at 07:02:39PM -0400, Garance A Drosihn wrote:
> At 12:14 AM +0200 7/20/01, Anton Berezin wrote:

> >I did not commit the obvious fix because there exist concerns about
> >the rest of the base system that uses initgroups(3).

> Could the message be sent to syslog instead of the terminal?  Or have
> some way to indicate to initgroups() that the message should be
> syslog'ed, or maybe even not sent at all?

I really, really don't think that this kind of action should be
performed by a library function.  This should be the caller
responsibility:  after all, initgroups(), as any other well-behaving
libc function returns -1 and sets errno in case of failure (proxying the
setgroups() failure).

> >Here OK means that the caller checks initgroups() return code and acts
> >appropriately.  NOK means that initgroups() is called without return
> >code checking.
>         [...]
> >usr.sbin/lpr/lpd/printjob.c		NOK

> Somehow I "just knew" that something in lpr would end up on a list of
> things with not-OK code...     :-)

Heh.  :-)

> I'll try to look at that (just the call in lpd) if you wish.

Absolutely.  There's a nice sequence of unchecked initgroups(), setgid()
and setuid() calls there, on the assumption that `such thing never
fail', I guess.  :-/

*Anton.
-- 
May the tuna salad be with you.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message