Holger,
Thanks for the explanation. I'm happy to remove the [2] and use scalar
context.
Craig
On Wed, Mar 29, 2017 at 3:06 PM, Holger Parplies <wb...@parplies.de> wrote:
> Hi,
>
> Richard Shaw wrote on 2017-03-29 13:38:16 -0500 [[BackupPC-devel]
> Inherited patch question]:
> > [...]
> > $ cat rpmbuild/BackupPC/SOURCES/BackupPC-4.0.0-fix-shadow-access.patch
> > [...]
> > - && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))[2]) ) {
> > + && $> != (my $uid = (getpwnam($Conf{BackupPCUser}))) ) {
> > [...]
> > What's the effect of removing the [2] from these?
>
> well, in theory (and practise, at least on my local system here) getpwnam
> returns something like 'split /:/, $passwd_line' in list context and the
> uid in scalar context. The third element (index [2]) of the split would
> also be the uid, which explains why the two lines can be equivalent, even
> though they seem very different.
>
> >From the *name* of the patch, I would guess that there might be a
> potential
> problem on systems with shadow passwords in some cases, though I can't see
> one here on my system. I could *imagine* though, that there might be
> systems
> that differ.
>
> A closer look reveals the following:
>
> % perl -e 'my @p = getpwnam "foo"; print ">", (join ",", @p),
> "<\n";'
> foo,x,1234,1234,,,Holger Parplies,/home/foo,/bin/tcsh
> # perl -e 'my @p = getpwnam "foo"; print ">", (join ",", @p),
> "<\n";'
> foo,<my-hashed-password>,1234,1234,,,Holger
> Parplies,/home/foo,/bin/tcsh
>
> (no, my user name is not "foo" and my uid is not 1234 ;-), so my Perl (or
> rather getpwnam(3)) merges in the shadow password, privilege permitting.
> Although I can't find any hint in the documentation, I could imagine that
> the attempt to do so could trigger unwanted behaviour (e.g. an audit log or
> even termination of the process) under some security systems, depending on
> how the determination of "privilege permitting" might be implemented.
>
> In any case, I would *hope* that the scalar context case would be slightly
> more efficient, because the unneeded information in the additional array
> elements not corresponding to /etc/passwd fields ($quota, $comment,
> $expire)
> does not need to be retrieved.
>
> For an explanation of the getpwnam function look at 'perldoc -f getpwuid'
> (strangely, 'perldoc -f getpwnam' is not very helpful, at least on some
> systems ;-).
>
> Regards,
> Holger
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> BackupPC-devel mailing list
> BackupPC-devel@lists.sourceforge.net
> List: https://lists.sourceforge.net/lists/listinfo/backuppc-devel
> Wiki: http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
BackupPC-devel mailing list
BackupPC-devel@lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-devel
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
