A historical curiosity in su(1)
Conrad Meyer
cem at freebsd.org
Tue Mar 21 23:30:14 UTC 2017
On Tue, Mar 21, 2017 at 4:14 PM, Conrad Meyer <cem at freebsd.org> wrote:
> Hi Chris,
>
> You might be interested in FreeBSD's copy of the CSRG repository.[0]
> Some of this logic was changed by karels@ in "r45520"[1] (of course it
> wasn't Subversion at the time). The previous change[2] message
> includes "use new getlogin()." Prior to that change, su did not use
> getlogin/getpwnam.
>
> The "BUGS" section of the getlogin(2) manual page says:
>
> In earlier versions of the system, getlogin() failed unless the process
> was associated with a login terminal. The current implementation (using
> setlogin()) allows getlogin to succeed even when the process has no con-
> trolling terminal. In earlier versions of the system, the value returned
> by getlogin() could not be trusted without checking the user ID. Porta-
> ble programs should probably still make this check.
>
> That might explain it?
>
> Best,
> Conrad
>
> [0]: https://svnweb.freebsd.org/csrg/usr.bin/su/su.c?view=annotate
> [1]: https://svnweb.freebsd.org/csrg?view=revision&revision=45520
> [2]: https://svnweb.freebsd.org/csrg?view=revision&revision=45127
Additionally, that getlogin(2) BUGS blurb dates to karels in 1990 as
well.[3] The commit message was "good enough for now." A different
time :-).
[3]: https://svnweb.freebsd.org/csrg?view=revision&revision=43655
More information about the freebsd-hackers
mailing list