[RFC] last(1) with security.bsd.see_other_uids support
Bryan Drewery
bryan at shatow.net
Mon Jun 4 18:20:19 UTC 2012
On 6/4/2012 8:17 AM, Bryan Drewery wrote:
>
>
> On 6/4/2012 4:42 AM, Pawel Jakub Dawidek wrote:
>> A library is definiately a better place, although then I wouldn't pass
>> see_other_uids as an argument, but obtain it within the function itself.
>
> Does libc make sense for this? I'm thinking yes since it's where the utx
> functions live.
>
> In particular this change seems to make sense in getutxent(3).
>
> Though I do not want to violate POSIX...
>
> The endutxent(), getutxent(), getutxid(), getutxline() and setutxent()
> functions are expected to conform to IEEE Std 1003.1-2008
> (``POSIX.1'').
>
Found this [1]:
An implementation that provides extended security controls may
impose implementation-defined restrictions on accessing the user
accounting database. In particular, the system may deny the
existence of some or all of the user accounting database entries
associated with users other than the caller.
So POSIX allows this.
I will proceed and submit another patch for review soon.
Regards,
Bryan Drewery
bdrewery at freenode, bryan at EFNet
[1] http://pubs.opengroup.org/onlinepubs/009695399/functions/getutxid.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20120604/2e6214c8/signature.pgp
More information about the freebsd-hackers
mailing list