[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: An interference between PAM and other libraries [was: Linux-PAM and syslog]



On Sun, 29 Mar 1998, Savochkin Andrey Vladimirovich wrote:

> Do you consider my strdup() call as a hack?

Nope. It's not a hack. But it is a difference in what you do. Every book on
networking will tell you to do that.

You don't compare the same things here. The gethostbyXXX calls alter some
information in _structures_ that you know that are subject to this
modifications. Like struct passwd, struct hostent, etc, etc.

Syslog in this case is different. You don't have access to that internal
file descriptor and you can not save the state. Why don't you get it ? Not
only you get your program state modified, but the PAM lib is doing a
closelog() for you ! It's broken.
 
> Are you so lazy to do the same in PAM patches for Red Hat distribution?

I don't think it is a matter of how lazy I am. And do you have any idea what
you're talking about when saying "PAM patches for Red Hat distribution"? No,
you don't. 

It is a matter of how much non-sense I am willing to accept. It is obvious
to me that you did not have the occasion to work with code that it is
supposed to compile & run on a dozen or so unices. And it is also obvious
that you are not using your common sense to see why a patch that looks like
the following won't be _ever_ accepted in the main sources by the
maintainer. Which in turn makes maintaining the patches for new versions of
the programs a real pain.

+#ifdef USE_PAM
	ret = pam_check_pass(user, pass);
	/* do some crap */
...
+#endif /* USE_PAM */

	if (ret != 0) {
		/* some crap in there */
+#ifdef USE_PAM
+         /* most likely PAM close the syslog file descriptor and we are in trouble
+         * - reopen the log to be sure */
+#ifdef FACILITY
+         openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
+#else
+         openlog("ftpd", LOG_PID);
+#endif /* FACILITY */
+#endif /* USE_PAM */
   	  syslog(LOG_ERR, "login incorrect");

(okay, that's a hand-made patch and the example is not the best).

Imap would have been a better thing - because it defines a login_auth
function and that it is compiled from a certain source file decided by flags
at the compile time. That function is called _a lot_. And guess what, one
does not have access to syslog-related information to re-open the syslog in
that case, because the same function is compiled into pop2d, pop3d and
imapd. It certainly is possible to make a workaround, but again, that's
stupid.

> Or will you advocate for removing all mentions of gethostbyXXX
> in all PAM modules because no library should mess a program
> state?

You're confused about what is a program state. If you know that you can
write to file descriptor X and you call a function to perform
authentication, you'd expect related data structures to be altered, but
having closed file descriptor X is an alteration.

>We have a few library calls with a brain damaged interface
> (syslog, gethostbyaddr, getpwnam and so on).
> I don't consider attempts to disable an usage of the calls for
> PAM modules as a serious.

First, syslog does not fit in there (it's not quite in the same class).
Secondly, I am not advocating removing the syslog() calls from PAM - have you
read my mail until now ? I want to get rid of openlog() and closelog() because
using them it is wrong.
 
> The appropriate care for dangerous functions
> is what we must do for applications.

And what is appropiate care ? "Tell me if this user+password pair is
correct. Oh, and btw, I have to remember to reset syslog after that, because
it is a netural thing to do." Is this "appropriate care for dangerous
functions" ?! Don't explain this to me, I might in the end understand.
Explain this to those who are resisting and rejecting PAM for being the new
kid on the block.

This thread is going nowhere. I just must say that I will oppose in any
way and form the need of syslog-special-handling patches in the
applications to overcome PAM modules brokeness. Most PAM modules are nice;
some of them are too nice and are closing for me one too many file
descriptors, though.

As for my lazyness, I said that I am willing to implement the new modules
syslog interface in PAM and solve the problem in all the applications out
there instead of patching every one of them for this syslog problem and
spending huge amounts of developer time to hunt for all possible cases. If
this is lazyness, then yes, I am lazy. I am _very_ lazy.

Best wishes,

Cristian
--
----------------------------------------------------------------------
Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 UNIX is user friendly. It's just selective about who its friends are.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []