PATCH: sftp-server logging.
Jason A. Dour
jason at dour.org
Sat Mar 16 05:49:03 EST 2002
On Fri, Mar 15, 2002 at 10:52:24AM -0600, Ben Lindstrom wrote:
>
> For argument sake:
>
> + if ((upw = getpwuid(cuid)) == NULL) {
> + cuname = NULL;
> + } else {
> + cuname = xstrdup(upw->pw_name);
> + }
>
> Ermm.. Under what case should getpwuid() fail and still allow the
> user to keep the connection? I can think of none. It should
> terminate with an error.
I didn't make it fail because sftp-server (presently) does not do
any checking on the validity of the user calling the program,
instead relying on the sshd to handle all sanity checking.
It would be easy enough to dump out with an error, but that would've
changed the order of operations for sftp-server beyond the scopr of
just logging, which is something I would leave for discussions here.
If that's agreed to be a Good Thing, then I'll gladly alter and
resubmit the patch.
Any other thoughts?
Cheers,
Jason
# "Jason A. Dour" <jason at dour.org> http://dour.org/
# Founder / Executive Producer - PJ Harvey Online - http://pjh.org/
More information about the openssh-unix-dev
mailing list