Name aliasing in security.cc

Corinna Vinschen cygwin-patches@cygwin.com
Wed Jun 5 05:02:00 GMT 2002


On Mon, Jun 03, 2002 at 10:31:30PM -0400, Pierre A. Humblet wrote:
> At 07:06 PM 6/3/2002 +0200, Corinna Vinschen wrote:
> >On Thu, May 30, 2002 at 09:57:40PM -0400, Pierre A. Humblet wrote:
> >> a) keep lookup_name() as it is?
> >> b) remove it entirely?
> >
> >I think b) is the way to go.  IMHO we should deprecate using ntsec
> >w/o SID in the passwd/group files.
> 
> Here it is. Lots of trivial changes. Tested by running chown.

Hi Pierre,

would you mind to look over that again?  I've just rearranged reading
passwd and group files and found an easy method to have useful passwd
and group info including SIDs even if both files are unavailable.

This slightly changes the way we could handle that situation.  We're
not necessarily requiring these files for a working ntsec now and
AFAICS, this results in a different state of the lookup_name function.

However, I think calling lookup_name is somewhat useless.  If a process
can't read it's own token, something's really broken (and this is
in retrospect the reason you investigated in changing the security
stuff).

I'm sorry to step in that late.  I hope you're not too frustrated...

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin@cygwin.com
Red Hat, Inc.



More information about the Cygwin-patches mailing list