On Tue, Jun 07, 2005 at 02:42:40PM +0100, Neal H. Walfield wrote: > > I'm not exclusive, but inclusive. You're touching a default behaviour > > so those can't just be listed, examples coming to mind are the various > > AIXes, > > MacOS X, HP-UX for example. > > This is the point I don't understand: the patch only fixes what the > Gamin claims to already do, i.e. support systems without LOCAL_CRED. > If a system does not have LOCAL_CRED defined but does have the > cmsgcred structure then Gamin will not work on that system at all.
Well the patch actually trash the authentication on Linux. HAVE_CMSGCRED is not defined, so we end up with lack_creds == 0 and as a result, socket credentail are not even tested and c_pid is set to getuid() whicn also mean all the debugging infrastructure can't report the PID of the target process anymore. This is fairly bad since this ended up in 0.1.1 and now I have 1/ a potential security problems and 2/ a broken debugging infrastructure. I reverted the patch in CVS Daniel -- Daniel Veillard | Red Hat Desktop team http://redhat.com/ [EMAIL PROTECTED] | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ _______________________________________________ Gamin-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gamin-list
