Re: [Caml-list] Re: Unix.getlogin () fails when stdin is redirected

["Gerd Stolpmann" <info@gerd-stolpmann.de>]

I second this. There is one OS where getlogin does not follow POSIX and is
maybe insecure, and the fix cannot be to hide the function for all other
OS. IMHO, these differences should be handled on a higher level, and not
in the module providing the bindings.

Semantically, there is a big difference between getlogin and getuid:
getlogin shall also work when the user calls a setuid program which in
turn invokes a script. These script commands can then use getlogin to
identify the original user (which is defined as the user of the session =
the user of the controlling terminal). In contrast, getuid would return
the uid to which setuid switched (for the script).

So, I'd say, you cannot repair getlogin with getuid. The best fix is
probably to just run `/usr/bin/logname </dev/tty` and read the printed
name.

Gerd

> getpwuid(getuid()) is not a synonym for get_login (refer to the
> discussion in the POSIX standard[^1]). You should not shadow posix
functions by functions with different semantics in the Unix modules;
providing your own abstraction over the OS is a commendable goal but you
should do so without silently bypassing core functions.
>
> Till
> [1]:http://pubs.opengroup.org/onlinepubs/007904975/functions/getlogin.html
>
>
> On Tue, Mar 20, 2012 at 2:28 PM, David House <dhouse@janestreet.com> wrote:
>> Note that Jane Street's core library [1] does not use getlogin(3) in
its replacement Unix module, for exactly this reason:
>>
>> (* The standard getlogin function goes through utmp which is
unreliable,  see the BUGS section of getlogin(3) *)
>> let getlogin_orig = Unix.getlogin
>> let getlogin () = (Unix.getpwuid (getuid ())).Unix.pw_name
>>
>> [1]: https://bitbucket.org/yminsky/ocaml-core/wiki/Home
>>
>> I just tested your specific example, and it worked fine.
>>
>>
>> On Tue 20 Mar 2012 06:07:59 PM GMT, Ricardo Catalinas Jiménez wrote:
>>>
>>> On Tue, Mar 20, 2012 at 06:51:13PM +0100, Ricardo Catalinas Jiménez
wrote:
>>>>
>>>> I found out the next issue in this simple code:
>>>>
>>>> let () =
>>>>     print_endline "Hello";
>>>>     print_endline (Unix.getlogin ())
>>>>
>>>> Running in the normal case, with `./a.out' gives:
>>>>
>>>> Hello
>>>> ricardo
>>>>
>>>> But running like `./a.out</dev/null' makes Unix.getlogin fail:
>>>>
>>>> Hello
>>>> Fatal error: exception Unix.Unix_error(20, "getlogin", "")
>>>>
>>>> A simple strace reveals the problem:
>>>>
>>>>    open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
>>>>    fstat(3, {st_mode=S_IFREG|0644, st_size=509, ...}) = 0
>>>>    mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1,
>>>> 0) = 0x7fb125554000
>>>>    read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 509  
 read(3, "", 4096)                       = 0
>>>>    close(3)                                = 0  
 munmap(0x7fb125554000, 4096)            = 0
>>>> ->  ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or
TCGETS, 0x7fff12682c98) = -1 ENOTTY (Inappropriate ioctl for device)
   write(2, "Fatal error: exception Unix.Unix"..., 59) = 59  
 exit_group(2)                           = ?
>>>
>>>
>>>
>>> Someone knew the answer, man 3 getlogin reads:
>>>
>>>        Note that glibc does not follow the POSIX specification and
uses
>>>        stdin instead of /dev/tty.  A bug.  (Other recent
systems, like
>>>        SunOS 5.8 and HP-UX 11.11 and FreeBSD 4.8 all return the login
>>>        name also when stdin is redirected.)
>>>
>>>
>>> Regards
>>
>>
>>
>>
>> --
>> Caml-list mailing list.  Subscription management and archives:
https://sympa-roc.inria.fr/wws/info/caml-list
>> Beginner's list: http://groups.yahoo.com/group/ocaml_beginners
>> Bug reports: http://caml.inria.fr/bin/caml-bugs
>>
>
>
> --
> Caml-list mailing list.  Subscription management and archives:
> https://sympa-roc.inria.fr/wws/info/caml-list
> Beginner's list: http://groups.yahoo.com/group/ocaml_beginners
> Bug reports: http://caml.inria.fr/bin/caml-bugs
>
>
>


-- 
Gerd Stolpmann, Darmstadt, Germany    gerd@gerd-stolpmann.de
Creator of GODI and camlcity.org.
Contact details:        http://www.camlcity.org/contact.html
Company homepage:       http://www.gerd-stolpmann.de
*** Searching for new projects! Need consulting for system
*** programming in Ocaml? Gerd Stolpmann can help you.



-- 
Gerd Stolpmann, Darmstadt, Germany    gerd@gerd-stolpmann.de
Creator of GODI and camlcity.org.
Contact details:        http://www.camlcity.org/contact.html
Company homepage:       http://www.gerd-stolpmann.de
*** Searching for new projects! Need consulting for system
*** programming in Ocaml? Gerd Stolpmann can help you.