On Thu, Aug 21, 2003 at 06:22:30PM -0400, Jeff King wrote: > Eh? I haven't weighed in on this issue at all. I simply saw the > changelog message when upgrading my X packages, read the 138195 bug > report, and wondered why nobody had pointed out what seemed "obvious" to > me. Er, sorry. For some reason I thought you were the bug submitter. I apologize for my attack of senile dementia. > That is, the bug poster is complaining that relative symlinks don't > work; they don't work because symlinks are being used (IMHO) incorrectly > in the code (that is, the kernel symlink resolution is being bypassed). > The solution I saw proposed (chdir) involved adding code to work around > this problem; a better solution (again, IMHO) is to not do the > problematic thing. Well, to be honest, I don't know what the canonical C way is for execv()ing a symlink. I guess it's execv()ing a symlink. :) > >From a code point of view, no. From a user point of view, perhaps. > The chdir() is not documented (to my knowledge) and could potentially > cause errors in some setups (though I'll admit that most users will just > use the default setup, which shouldn't care). Out of curiosity, how can doing the chdir() break anything? A relative symlink has to be resolved relative to the directory in which the symlink resides. If the symlink lived on a filesystem that were mounted noexec, the execv() should probably fail regardless of whether a chdir() precedes it or not. > > I'd have more sympathy for nitpicky stylistic criticism if people would > > earn the right to do so by paying attention to the Debian XFree86's > > packages development process. > > I do apologize for that. I don't really have time to keep up with every > commit, and it was in fact random chance that I decided to look at this > bug (after seeing it mentioned in the changelog, which I generally > skim). So this was the first I had seen it. Again, I had you confused with the submitter; sorry. Complaining about my solution after the bug is resolved does still feel like armchair quarterbacking, but I wouldn't have griped about it if it had occurred to me that you weren't Kees Bakker. (I went and looked it up this time. :) ) > I don't mean to beat up on you stylistically, either; I merely saw a > discussion where the "obvious" solution was not pointed out, so I > thought I would point it out. I found the submitter a little exasperating because it seemed he was always beating around the bush. So I guess I managed to implement a bush-beating solution. :-/ > If it's not worth the time in continuing the discussion, you can just > tell me to shut up. :) If you can satisfy my curiosity above, I'd be happy to apply your patches. Please keep in mind that my goal with xserver-wrapper.c is to be very paranoid, as it runs setuid root. Any reasonable precautions we can take within this program, we should. If you (or anyone else reading this on debian-x) would like to audit the code for possible misuse of static buffers, I'd appreciate it. It would be a good thing to have done before sarge freezes. Thanks for your patience with my intemperate reply. -- G. Branden Robinson | The greatest productive force is Debian GNU/Linux | human selfishness. branden@debian.org | -- Robert Heinlein http://people.debian.org/~branden/ |
Attachment:
pgpkKIDISPHRO.pgp
Description: PGP signature