Tests for Andrew's talloc security work

Andreas Schneider asn at samba.org
Sun Sep 6 08:48:26 UTC 2015

On Saturday, September 05, 2015 08:08:42 AM Andrew Bartlett wrote:
> Andreas,
> You have an 'if initialised' check in uid_wrapper, and commented about
> needing this in libssh when I raised this previously.  Can you explain
> the race you see?  Is it only when the calling program can also access
> the crypto libs (rather than this static variable in our own .so)?

This has nothing todo with libssh. uwrap_init() is called by each libc 
function we implement in the wrapper, e.g. setuid(), seteuid() ...

You can also use library contructors for that, but the question is if it is 
supported on all platforms. So we do not rely on the constructor ...

We use a constructor to init threading support to setup pthread_atfork(). The 
destructor cleans up memory.

	-- andreas

More information about the samba-technical mailing list