| From: | Diego Elio Pettenò <flameeyes(at)flameeyes(dot)eu> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #6302: Certificate lookup fails for users with /dev/null as home directory |
| Date: | 2011-11-21 18:03:31 |
| Message-ID: | 1321898611.5998.3.camel@titan.home.flameeyes.eu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Il giorno lun, 21/11/2011 alle 18.59 +0100, Magnus Hagander ha scritto:
> So a simple extension of the check to be for both ENOENT and ENOTDIR
> would work, right?
In this case, yes...
> Without validating the server certificate, however, it's kind of hard
> to actually call it secure.
As you said, that's a different beast altogether and is not what it's
doing right now ;)
> So yes, you'd fail. But in a scenario where you had say the wrong
> permissions on the file, we'd silently ignore it - this doesn't seem
> like the right thing to do. And it will cause scenarios hard to debug.
I would say that the proper solution would be something like:
Check if the file is reachable with stat; if any error happens during
stat(), log it (eventually) but let it pass; if the file is present but
with wrong (too wide?) permissions, throw an error, otherwise just use
it.
This way it doesn't really matter if the error is ENOENT, ENOTDIR,
ETOOLONG, or whatever else, if the file is unusable just tell me so and
don't use it.. authentication may proceed just fine.
> That's a different thing though. We'd have to do both though - but let
> $HOME override it.
That would be the preferred option indeed.
Thanks,
--
Diego Elio Pettenò <flameeyes(at)flameeyes(dot)eu>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Balser | 2011-11-22 21:18:12 | BUG #6304: initdb fails with loale ko_KR.eucKR |
| Previous Message | Magnus Hagander | 2011-11-21 17:59:17 | Re: BUG #6302: Certificate lookup fails for users with /dev/null as home directory |