From owner-freebsd-stable  Thu Jul 19 21:28:34 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40])
	by hub.freebsd.org (Postfix) with ESMTP id 3DCBF37B405
	for <freebsd-stable@FreeBSD.ORG>; Thu, 19 Jul 2001 21:28:28 -0700 (PDT)
	(envelope-from drosih@rpi.edu)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f6K4R5e96272;
	Fri, 20 Jul 2001 00:27:05 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id: <p05101011b77d5fb73500@[128.113.24.47]>
In-Reply-To: <3B57AD39.94E6567D@vangelderen.org>
References: <3B5713AB.79322FDA@vangelderen.org>
 <20010719234413.A64433@heechee.tobez.org>
 <20010720001429.A65236@heechee.tobez.org>
 <3B57AD39.94E6567D@vangelderen.org>
Date: Fri, 20 Jul 2001 00:27:03 -0400
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
From: Garance A Drosihn <drosih@rpi.edu>
Subject: Re: initgroups unsolicited warning?
Cc: freebsd-stable@FreeBSD.ORG
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

At 12:02 AM -0400 7/20/01, Jeroen C. van Gelderen wrote:
>If all this sounds sensible I'd propose the following:
>
>1. We fix those applications where initgroups is the only call
>    that is not checked for failure. I am working on this and
>    have already done four apps. I skipped over lpd.

I have sent some messages to Anton about lpd/printjob.c, but I should
also mention the highlights on this list:

I am already working on a patch to lpd/printjob.c, but as usual the
"simple and obvious" patch that one would be tempted to write after
looking at the code will actually make life worse instead of better
(considerably worse, in fact...).

So, no one else needs to rush in and write a patch for lpd.  Once I
have a patch which isn't disastrous in my own testing, I'll put it
up for audit-minded folk to look at.

Here is one tip:  Do not just add code to check the result & errno
from initgroup.  Also test that code by adding something which WILL
cause initgroup to fail (such as a call to seteuid(non-root)), and
make sure the path your error-recovery takes is not worse than the
original error...

-- 
Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message