From: Yaron Minsky <yminsky@janestreet.com>
To: Gerd Stolpmann <info@gerd-stolpmann.de>
Cc: caml-list@inria.fr, ocaml-core@googlegroups.com
Subject: Re: [Caml-list] Re: Unix.getlogin () fails when stdin is redirected
Date: Tue, 20 Mar 2012 22:22:01 -0400 [thread overview]
Message-ID: <CACLX4jQgtCGQcKY_3Gyb3sO4qm2MFUOn+j6cUN0KiSHo9boiEg@mail.gmail.com> (raw)
In-Reply-To: <CACLX4jR7rwEB5pKjt2oHPETsVesrqPJR6uk5oTU29cgWak6Cig@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1759 bytes --]
I'm going to drop caml-list for further discussion of this issue. People
who are interested should feel free to follow along on ocaml-core:
https://groups.google.com/forum/?fromgroups#!forum/ocaml-core
y
On Tue, Mar 20, 2012 at 10:10 PM, Yaron Minsky <yminsky@janestreet.com>wrote:
> Looping in ocaml-core list.
>
> On Tue, Mar 20, 2012 at 8:51 PM, Gerd Stolpmann <info@gerd-stolpmann.de>wrote:
>
>>
>> I second this. There is one OS where getlogin does not follow POSIX and is
>> maybe insecure, and the fix cannot be to hide the function for all other
>> OS. IMHO, these differences should be handled on a higher level, and not
>> in the module providing the bindings.
>>
>> Semantically, there is a big difference between getlogin and getuid:
>> getlogin shall also work when the user calls a setuid program which in
>> turn invokes a script. These script commands can then use getlogin to
>> identify the original user (which is defined as the user of the session =
>> the user of the controlling terminal). In contrast, getuid would return
>> the uid to which setuid switched (for the script).
>>
>> So, I'd say, you cannot repair getlogin with getuid. The best fix is
>> probably to just run `/usr/bin/logname </dev/tty` and read the printed
>> name.
>>
>
> I can think of a few solutions here:
>
> - We can use getuid only on platforms where getlogin is busted
> - We can name our function something other than "getlogin", to avoid
> confusion.
> - We can shell-out, in the way you suggest, to implement getlogin on
> Linux. My only worry is that this is also going to be somewhat fragile in
> its own way. Does calling out to logname with the suggested redirect
> always work?
>
> I'm open to other suggestions.
>
> y
>
[-- Attachment #2: Type: text/html, Size: 2585 bytes --]
next prev parent reply other threads:[~2012-03-21 2:22 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-21 0:51 Gerd Stolpmann
2012-03-21 2:10 ` Yaron Minsky
2012-03-21 2:22 ` Yaron Minsky [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-03-20 17:51 [Caml-list] " Ricardo Catalinas Jiménez
2012-03-20 18:07 ` [Caml-list] " Ricardo Catalinas Jiménez
2012-03-20 18:28 ` David House
2012-03-20 18:48 ` Till Varoquaux
2012-03-20 19:41 ` Yaron Minsky
2012-03-20 20:12 ` Till Varoquaux
2012-03-20 22:45 ` oliver
2012-03-21 12:26 ` Török Edwin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACLX4jQgtCGQcKY_3Gyb3sO4qm2MFUOn+j6cUN0KiSHo9boiEg@mail.gmail.com \
--to=yminsky@janestreet.com \
--cc=caml-list@inria.fr \
--cc=info@gerd-stolpmann.de \
--cc=ocaml-core@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox