From: Yaron Minsky <yminsky@janestreet.com>
To: Gerd Stolpmann <info@gerd-stolpmann.de>
Cc: caml-list@inria.fr, ocaml-core@googlegroups.com
Subject: Re: [Caml-list] Re: Unix.getlogin () fails when stdin is redirected
Date: Tue, 20 Mar 2012 22:10:18 -0400 [thread overview]
Message-ID: <CACLX4jR7rwEB5pKjt2oHPETsVesrqPJR6uk5oTU29cgWak6Cig@mail.gmail.com> (raw)
In-Reply-To: <c7dd99924eaad3383d8d529f66dc1752.squirrel@gps.dynxs.de>
[-- Attachment #1: Type: text/plain, Size: 1420 bytes --]
Looping in ocaml-core list.
On Tue, Mar 20, 2012 at 8:51 PM, Gerd Stolpmann <info@gerd-stolpmann.de>wrote:
>
> I second this. There is one OS where getlogin does not follow POSIX and is
> maybe insecure, and the fix cannot be to hide the function for all other
> OS. IMHO, these differences should be handled on a higher level, and not
> in the module providing the bindings.
>
> Semantically, there is a big difference between getlogin and getuid:
> getlogin shall also work when the user calls a setuid program which in
> turn invokes a script. These script commands can then use getlogin to
> identify the original user (which is defined as the user of the session =
> the user of the controlling terminal). In contrast, getuid would return
> the uid to which setuid switched (for the script).
>
> So, I'd say, you cannot repair getlogin with getuid. The best fix is
> probably to just run `/usr/bin/logname </dev/tty` and read the printed
> name.
>
I can think of a few solutions here:
- We can use getuid only on platforms where getlogin is busted
- We can name our function something other than "getlogin", to avoid
confusion.
- We can shell-out, in the way you suggest, to implement getlogin on
Linux. My only worry is that this is also going to be somewhat fragile in
its own way. Does calling out to logname with the suggested redirect
always work?
I'm open to other suggestions.
y
[-- Attachment #2: Type: text/html, Size: 1806 bytes --]
next prev parent reply other threads:[~2012-03-21 2:10 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-21 0:51 Gerd Stolpmann
2012-03-21 2:10 ` Yaron Minsky [this message]
2012-03-21 2:22 ` Yaron Minsky
-- strict thread matches above, loose matches on Subject: below --
2012-03-20 17:51 [Caml-list] " Ricardo Catalinas Jiménez
2012-03-20 18:07 ` [Caml-list] " Ricardo Catalinas Jiménez
2012-03-20 18:28 ` David House
2012-03-20 18:48 ` Till Varoquaux
2012-03-20 19:41 ` Yaron Minsky
2012-03-20 20:12 ` Till Varoquaux
2012-03-20 22:45 ` oliver
2012-03-21 12:26 ` Török Edwin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACLX4jR7rwEB5pKjt2oHPETsVesrqPJR6uk5oTU29cgWak6Cig@mail.gmail.com \
--to=yminsky@janestreet.com \
--cc=caml-list@inria.fr \
--cc=info@gerd-stolpmann.de \
--cc=ocaml-core@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).