Tests for Andrew's talloc security work
asn at samba.org
Sun Sep 6 08:48:26 UTC 2015
On Saturday, September 05, 2015 08:08:42 AM Andrew Bartlett wrote:
> You have an 'if initialised' check in uid_wrapper, and commented about
> needing this in libssh when I raised this previously. Can you explain
> the race you see? Is it only when the calling program can also access
> the crypto libs (rather than this static variable in our own .so)?
This has nothing todo with libssh. uwrap_init() is called by each libc
function we implement in the wrapper, e.g. setuid(), seteuid() ...
You can also use library contructors for that, but the question is if it is
supported on all platforms. So we do not rely on the constructor ...
We use a constructor to init threading support to setup pthread_atfork(). The
destructor cleans up memory.
More information about the samba-technical