mailing list of musl libc
From: u-igbb@aetey.se
To: musl@lists.openwall.com
Subject: Re: musl 1.0.x branch
Date: Wed, 11 Jun 2014 16:37:46 +0200
Message-ID: <20140611143746.GJ20596@example.net>
In-Reply-To: <20140611130937.GR179@brightrain.aerifal.cx>

On Wed, Jun 11, 2014 at 09:09:37AM -0400, Rich Felker wrote:
> any
> function dependent on any environment variable is not thread-safe if
> another thread is modifying the environment; see XSH exec."

> This makes "dependent on an environment variable" a formal property of
> standard interfaces which introduces subtle breakage if/when a
> function which is not specified to be dependent on an environment
> variable actually uses one.

Oh indeed. Seen from this angle the problem is apparent.

> The only safe solution I know to this
> problem is to do the environment processing at program start time.

I am not really afraid of such thread-related breakage (even if the
application uses threads, the chance of corruption is quite low).
Nevertheless I'll aim to fix the patches and move the value fetches
to the startup, as you mention.

> Hopefully this only affects programs using paths.h or similar, which
> are legacy mess I just left around because it sometimes helps build
> programs which are otherwise a pain to build.

The programs including paths.h are in a sense "well behaving",
the other ones which boldly use hardcoded strings are more
unfriendly to modifications. In my eyes paths.h should exist, be used
and actually define the databases-related-macros, which would serve
as the redirection means - it is what we do.

A paths.h with mere constants is indeed a nuisance.

> > Yes I looked at it - it is unfortunately also a solution for goals
> > "other than ours". AFAICS it still assumes a hardcoded database
> > placement (/etc/tcb).
> 
> Yes. I suppose it wouldn't fundamentally have to do so, since programs
> authenticating user accounts would be configured to the right location
> for the system user database, but it seems safest (and of course
> simplest) to always use that location anyway.

No matter which location this would be, it is one constant for all concerned
processes, assuming a single database instance in a local place to be used
by all processes on the host - the Unix practice hardly ever questioned
by anyone :( aka "blindly followed for ages" :)

> Yes. BTW your approach is also very nice from a unit-testing
> perspective. It's hard to test things like dns resolver, user
> database, etc. due to the difficulty of mocking in controlled
> configurations for them. Modern Linux does however provide user

I would be happy to rework and submit the patches, indeed they are a
straightforward and fine-grained instance isolation tool, without the
constraints of chroot and similar. Just never setuid the binaries
using the resulting library :)

> namespaces / mount namespaces which allow doing this, and that's
> probably what we'll use for testing at least in the short-term (it
> also makes it easy to apply the tests to other libcs).

It is nice to have a choice.

Regards,
Rune
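
The startup-time fetch and the setuid caveat discussed in this message, as an added example that is not part of the original email, the patches it mentions, or musl itself. The variable name PASSWD_DB_PATH, the /etc/passwd fallback and the function names are assumptions made for illustration.

```c
/* Added example: take the path override from the environment once, at
 * load time, so later lookups never call getenv() while another thread
 * may be modifying the environment.
 * PASSWD_DB_PATH is a hypothetical variable name, not one musl reads. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/auxv.h>

#define DEFAULT_DB "/etc/passwd"  /* assumed fallback location */

static char db_path[4096] = DEFAULT_DB;  /* private snapshot */

/* Copy the chosen path into out. Returns 1 if the override was accepted,
 * 0 if the fallback was used. The override is refused in secure
 * (setuid/setgid) mode, when not absolute, or when it does not fit. */
int resolve_db_path(const char *env_value, int secure_mode,
                    char *out, size_t outlen)
{
    const char *src = DEFAULT_DB;
    int overridden = 0;

    if (env_value && !secure_mode && env_value[0] == '/'
        && strlen(env_value) < outlen) {
        src = env_value;
        overridden = 1;
    }
    snprintf(out, outlen, "%s", src);
    return overridden;
}

/* Runs before main(): the only place getenv() is called. AT_SECURE is
 * nonzero when the program runs setuid/setgid or with raised privileges. */
__attribute__((constructor))
static void snapshot_env(void)
{
    resolve_db_path(getenv("PASSWD_DB_PATH"), getauxval(AT_SECURE) != 0,
                    db_path, sizeof db_path);
}

/* Lookup-time accessor: reads only the snapshot, never the environment. */
const char *db_path_get(void) { return db_path; }

int main(void)
{
    printf("user database: %s\n", db_path_get());
    return 0;
}
```

Because the snapshot is taken before any thread exists, a later setenv() in another thread cannot race with the lookup path; the cost is that changes to the variable after startup are ignored.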
