[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 1/2] Remove uid param from directory lookup APIs



On Thu, May 24, 2012 at 08:18:55AM -0600, Eric Blake wrote:
> On 05/24/2012 07:44 AM, Daniel P. Berrange wrote:
> > From: "Daniel P. Berrange" <berrange redhat com>
> > 
> > Remove the uid param from virGetUserConfigDirectory,
> > virGetUserCacheDirectory, virGetUserRuntimeDirectory,
> > and virGetUserDirectory
> > 
> > These functions were universally called with the
> > results of getuid() or geteuid(). To make it practical
> > to port to Win32, remove the uid parameter and hardcode
> > geteuid()
> 
> Confirmed that we were universally using a current id, and that blindly
> using geteuid() is the best approach.
> 
> ACK.
> 
> > +++ b/src/remote/remote_driver.c
> > @@ -578,7 +578,7 @@ doRemoteOpen (virConnectPtr conn,
> >      case trans_unix:
> >          if (!sockname) {
> >              if (flags & VIR_DRV_OPEN_REMOTE_USER) {
> > -                char *userdir = virGetUserRuntimeDirectory(getuid());
> > +                char *userdir = virGetUserRuntimeDirectory();
> 
> There's probably a subtle difference for the effects if getuid() and
> geteuid() differed in value if you ever got here while linking to
> libvirt.so from a setuid binary, but I think that is unlikely enough and
> that our switch to geteuid() feels safer anyways.

And if the difference did matter, I'm fairly sure that our existing
code would be broken, since the choice is getuid() vs geteuid() in
our code appears to be completely random.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]