[request-sponsor] Requesting sponsor for bug 6339753 - nsswitch should allow comments in local files
I'd like to request a sponsor for bug 6339753, allowing nsswitch files backends to use comments. The fix is seemingly trivial but I particularly want guidance on whether comments should only be allowed when they begin a new line, in order to avoid breaking existing databases. Anyway, my SCA # is OS135. Cheers, Ceri -- That must be wonderful! I don't understand it at all. -- Moliere -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available URL: http://mail.opensolaris.org/pipermail/request-sponsor/attachments/20080212/37f7f508/attachment.bin
[request-sponsor] Requesting sponsor for bug 6339753 - nsswitch should allow comments in local files
Ceri Davies wrote: I'd like to request a sponsor for bug 6339753, allowing nsswitch files backends to use comments. The fix is seemingly trivial but I particularly want guidance on whether comments should only be allowed when they begin a new line, in order to avoid breaking existing databases. I think this is quite a big issue. There is no defined comment char for some of these databases, including /etc/passwd and /etc/shadow. Fixing this effectively introduces a comment char. On the other hand for databases like user_attr(4), exec_attr(4), prof_attr(4) there is a defined comment char (and it is '#'). Simply allowing this via nsswitch is only part of the issue, what happens to all the tools that modify all the files backend nsswitch databases ? What should they do with comments ? I think this needs further discussion somewhere other than request-sponsor. Since this is mostly nameservices related I think the best alias is sparks-discuss@ however I also suspect that many of the security-discuss@ subscribers would be interested in this too. -- Darren J Moffat
[request-sponsor] Requesting sponsor for bug 6339753 - nsswitch should allow comments in local files
On Tue, Feb 12, 2008 at 03:21:20PM +, Darren J Moffat wrote: Ceri Davies wrote: I'd like to request a sponsor for bug 6339753, allowing nsswitch files backends to use comments. The fix is seemingly trivial but I particularly want guidance on whether comments should only be allowed when they begin a new line, in order to avoid breaking existing databases. I think this is quite a big issue. There is no defined comment char for some of these databases, including /etc/passwd and /etc/shadow. Fixing this effectively introduces a comment char. On the other hand for databases like user_attr(4), exec_attr(4), prof_attr(4) there is a defined comment char (and it is '#'). Most of the databases have comment fields anyway, so I'd be perfectly happy to see this marked as a Will Not Fix too (not that that means the submitter will, but that's not my problem). Ceri -- That must be wonderful! I don't understand it at all. -- Moliere -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available URL: http://mail.opensolaris.org/pipermail/request-sponsor/attachments/20080212/db75f321/attachment.bin