On Mon, Oct 26, 2015 at 9:05 AM, Ted Unangst <t...@tedunangst.com> wrote: > Philip Guenther wrote: >> On Mon, Oct 26, 2015 at 6:47 AM, Ted Unangst <t...@tedunangst.com> wrote: >> > Old bug in pwcache functions. Calling setpassent(1) to keep the passwd >> > database open is a surprising abstraction violation for the caller of >> > user_from_uid. Now it has a file descriptor it must close before exec by >> > calling endpwent(), but this fact is not mentioned. (find is affected by >> > this, >> > for example.) >> >> That last claim isn't true: the fds are marked close-on-exec so >> there's no leakage. > > That's what I get for believing the lies of the setpassent() man page.
Ah, I missed fixing that before. How's this? Index: getpwent.3 =================================================================== RCS file: /data/src/openbsd/src/lib/libc/gen/getpwent.3,v retrieving revision 1.29 diff -u -p -r1.29 getpwent.3 --- getpwent.3 15 Jan 2015 03:19:43 -0000 1.29 +++ getpwent.3 26 Oct 2015 16:18:00 -0000 @@ -73,12 +73,9 @@ that wish to process the complete list o It is dangerous for long-running programs to keep the file descriptors open as the database will become out of date if it is updated while the program is running. -Furthermore, programs that run child processes should be careful to call -.Fn endpwent -to close these descriptors before calling +However the file descriptors are automatically closed when .Xr execve 2 -or -.Xr system 3 . +is called. .Pp .Fn setpwent causes Index: getpwnam.3 =================================================================== RCS file: /data/src/openbsd/src/lib/libc/gen/getpwnam.3,v retrieving revision 1.7 diff -u -p -r1.7 getpwnam.3 --- getpwnam.3 15 Jan 2015 03:19:43 -0000 1.7 +++ getpwnam.3 26 Oct 2015 16:18:03 -0000 @@ -106,12 +106,9 @@ These file descriptors can be closed by It is dangerous for long-running programs to keep the file descriptors open as the database will become out of date if it is updated while the program is running. -Furthermore, programs that run child processes should be careful to call -.Xr endpwent 3 -to close these descriptors before calling +However the file descriptors are automatically closed when .Xr execve 2 -or -.Xr system 3 . +is called. .Pp These routines have been written to .Dq shadow