Re: [Patch] Trailing spaces in cygcheck -cd or -s output.

2004-09-23 Thread Bas van Gompel 
Op Wed, 22 Sep 2004 13:54:53 +0200 schreef Corinna Vinschen
in [EMAIL PROTECTED]:
:  On Sep 16 07:26, Bas van Gompel wrote:

[dump_setup.cc (dump_setup): Avoid trailing spaces on package-list.]

:  Thanks for the patch.  I've applied the patch plus an additional patch which
:  adds an `if (check_files)' to simplify the expressions in (now two) printf's.

Thanks, that's much more readable.

Now one can eliminate a spurious ``strlen'', as well.

ChangeLog-entry:

2004-09-23  Bas van Gompel  [EMAIL PROTECTED]

* dump_setup.cc (dump_setup): Remove unneeded strlen when check_files
is not set.

Patch:

--- src/winsup/utils/dump_setup.cc  22 Sep 2004 11:50:51 -  1.15
+++ src/winsup/utils/dump_setup.cc  23 Sep 2004 05:26:51 -
@@ -403,8 +403,8 @@ dump_setup (int verbose, char **argv, bo
check_package_files (verbose, packages[i].name)
  ?  OK :  Incomplete);
   else
-   printf (%-*s %-*s\n, package_len, packages[i].name,
- strlen(packages[i].ver), packages[i].ver);
+   printf (%-*s %s\n, package_len, packages[i].name,
+ packages[i].ver);
   fflush(stdout);
 }
 
L8r,

Buzz.
-- 
  ) |  | ---/ ---/  Yes, this | This message consists of true | I do not
--  |  |   //   really is |   and false bits entirely.| mail for
  ) |  |  //a 72 by 4 +---+ any1 but
--  \--| /--- /---  .sigfile. |   |perl -pe s.u(z)\1.as.| me. 4^re

Re: dinput.h and ddraw.h from Wine with trivial modifications (fwd)

2004-09-23 Thread Corinna Vinschen 
On Sep 22 15:58, Peter Ekberg wrote:
 Corinna wrote:
  On Sep 17 13:39, Peter Ekberg wrote:
  Hello!
  
  This is the ddraw.h and dinput.h files from Wine, with some trivial
  modification by me to make them work in the cygwin environment.
  
  They are Copyright (C) the Wine project according to their headers
  and under the LGPL. I think it is polite to keep them under LGPL
  rather than converting to the GPL so that changes can flow freely
  between the two projects. [...]
  
  Doesn't this collide with the public domain-ness of w32api?
 
 Well, winsock.h, winsock2.h, ws2tcpip.h, gl.h, glext.h and glu.h
 are not public domain (according to README.w32api), so I figured
 that two more files was not a major collision. Not my decision
 though...

Probably Cygwin has no problems as long as these header files are never
included in Cygwin code itself.

Let's ask the MingW folks.  Danny, Earnie, any problem with a header
file being LGPL'ed?


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader  mailto:[EMAIL PROTECTED]
Red Hat, Inc.

[PATCH] Fake POSIX behaviour in seteuid/setegid

2004-09-23 Thread Corinna Vinschen 
Hi folks,
especially Pierre,

I'm thinking of applying the below patch.  The idea is that an application
which has changed real as well as effective id to values different from
the saved (==original) id has no way to restore its old identity.

That's obviously not correct from a Windows NT point of view, but this
is a start to mimic the expected behaviour under POSIX.  For example
OpenSSH's sshd calls seteuid/setuid to change to an unprivileged user
and then it calls seteuid and setuid again, to test if it's possible
to revert the identity to root.  If so, it exists with error.  Same for
the gid.  The Cygwin version of OpenSSH currently disables these tests,
but it might be a good idea to fake POSIXy behaviour from a portability
point of view.

Any thoughts appreciated.  I'd be interested if there's some serious
reason not to do this at all, or if there's a better way to do this.
One caveat of my patch is that changing from one privileged account to
another privileged account disables changing uids, even though the
second account would also have this right.  Perhaps the tests should
be coupled with a check, whether the current effective uid has the
appropriate permissions or not.  I'm also suspecting that the gid
test is not far away from a total error in reasoning...


Corinna


* syscalls.cc (seteuid32): Mimic POSIX behaviour.  After giving up
real and effective uid, don't allow to change uids again.
(setegid32): Ditto for gids.

Index: syscalls.cc
===
RCS file: /cvs/src/src/winsup/cygwin/syscalls.cc,v
retrieving revision 1.348
diff -p -u -r1.348 syscalls.cc
--- syscalls.cc 17 Sep 2004 09:10:53 -  1.348
+++ syscalls.cc 23 Sep 2004 16:16:56 -
@@ -2004,6 +2004,15 @@ seteuid32 (__uid32_t uid)
   return 0;
 }
 
+  /* Mimic POSIX behaviour.  After giving up the real uid, don't allow
+ to change uids again. */
+  if (cygheap-user.real_uid != cygheap-user.saved_uid
+   myself-uid != cygheap-user.saved_uid)
+{
+  set_errno (EPERM);
+  return -1;
+}
+
   cygsid usersid;
   user_groups groups = cygheap-user.groups;
   HANDLE ptok, new_token = INVALID_HANDLE_VALUE;
@@ -2184,6 +2193,15 @@ setegid32 (__gid32_t gid)
   return 0;
 }
 
+  /* Mimic POSIX behaviour.  After giving up the real gid, don't allow
+ to change gids again. */
+  if (cygheap-user.real_gid != cygheap-user.saved_gid
+   myself-gid != cygheap-user.saved_gid)
+{
+  set_errno (EPERM);
+  return -1;
+}
+
   user_groups * groups = cygheap-user.groups;
   cygsid gsid;
   HANDLE ptok;

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader  mailto:[EMAIL PROTECTED]
Red Hat, Inc.

Re: More pipe problems (was Re: [Fwd: 1.5.11-1: sftp performance problem])

2004-09-23 Thread Corinna Vinschen 
On Sep 23 12:28, Bob Byrnes wrote:
 OutboundQuota is just the size of the pipe.  How do we know that the
 cygwin ssh didn't really inherit a huge pipe from the win32-native
 unison?

We don't unless checking the the source code or the strace, I guess.

 The real trouble here seems to be that WriteQuotaAvailable is so low,
 which (if that is to be believed) indicates the pipe has almost filled.
 This seems similar to the sftp problem, which I am still investigating;
 I haven't made much progress during the past week because I've been
 busy with other things at work, but I have learned a few new things
 and I'll try to send another report as soon as I can construct a
 coherent explanation.

Cool with me.  As I noted, I didn't care for debugging this issue so
far so I also might be off-track.  But at least my debugging pointed
out where something goes wrong so I hope it was useful nevertheless.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader  mailto:[EMAIL PROTECTED]
Red Hat, Inc.

Re: [PATCH] Fake POSIX behaviour in seteuid/setegid

2004-09-23 Thread Pierre A. Humblet 
At 06:25 PM 9/23/2004 +0200, Corinna Vinschen wrote:
Hi folks,
especially Pierre,

I'm thinking of applying the below patch.  The idea is that an application
which has changed real as well as effective id to values different from
the saved (==original) id has no way to restore its old identity.

That's obviously not correct from a Windows NT point of view, but this
is a start to mimic the expected behaviour under POSIX.  For example
OpenSSH's sshd calls seteuid/setuid to change to an unprivileged user
and then it calls seteuid and setuid again, to test if it's possible
to revert the identity to root.  If so, it exists with error.  Same for
the gid.  The Cygwin version of OpenSSH currently disables these tests,
but it might be a good idea to fake POSIXy behaviour from a portability
point of view.

Any thoughts appreciated.  I'd be interested if there's some serious
reason not to do this at all, or if there's a better way to do this.
One caveat of my patch is that changing from one privileged account to
another privileged account disables changing uids, even though the
second account would also have this right.  Perhaps the tests should
be coupled with a check, whether the current effective uid has the
appropriate permissions or not.  I'm also suspecting that the gid
test is not far away from a total error in reasoning...



Corinna,

The patch does what you describe. The gid patch does not allow privileged
users to change the gids any way they want, which is unusual.

What surprised me is that OpenSSH takes the trouble to check if reversion is
impossible, although it's the standard POSIX behavior (well, not quite. POSIX
mentions appropriate privileges of the process). There must be cases where
it can be a problem. I assume it's not risky in Cygwin, because there will 
soon be an exec that will insure security.

Given that there might be issues, I think it's not good practice to mask the
real behavior when programs try to find what it is.
The more so when it comes to security.
I'd rather let the porter look at the issue and decide what's reasonable
for a given program on a given platform, as you did.

Let me sleep on this!

Pierre