Skip site navigation (1) Skip section navigation (2)

Re: [BUGS] More SSL questions..

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: "T(dot)J(dot)" <tjtoocool(at)phreaker(dot)net>,pgsql-hackers-win32(at)postgresql(dot)org,Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>,Magnus Hagander <mha(at)sollentuna(dot)net>,"Matthew T(dot) O'Connor" <matthew(at)zeut(dot)net>,Dave Page <dpage(at)vale-housing(dot)co(dot)uk>
Subject: Re: [BUGS] More SSL questions..
Date: 2005-01-08 22:26:39
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers-win32
Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> Tom Lane wrote:
>> Doh --- isn't fstat's st_ino a meaningless value on Windows?

> Pretty much, yes.

The minimum change to fix it would be to ifdef out the fstat call and
ino/dev test on WIN32.  However, I'm wondering why the code does it that
way in the first place.  The proper way to enforce the security check,
if we're worried about race conditions, is to apply the file
ownership/permissions test to the fstat result.  It's not clear to me
that the stat call before fopen is worth anything at all.  Thoughts?

			regards, tom lane

In response to

pgsql-hackers-win32 by date

Next:From: Bruce MomjianDate: 2005-01-10 04:27:42
Subject: Re: [BUGS] More SSL questions..
Previous:From: Andrew DunstanDate: 2005-01-08 22:02:04
Subject: Re: [BUGS] More SSL questions..

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group