Replace uid==0 tests with capability checks
Corinna Vinschen
vinschen at redhat.com
Thu Mar 19 20:42:18 EST 2009
On Mar 19 02:08, Peter Stuge wrote:
> Corinna Vinschen wrote:
> > Is there any chance this can be discussed at one point?
>
> I approve too, even though I am not really affected.
>
> Maybe it could take advantage of capabilities in Linux though.
That's the idea. I'm not asking for Cygwin's benefit alone. A couple
of OSes have finer grained capabilities. And, as far as I'm concerned,
code like this:
if (uid_has_capability(getuid(), CAP_SWITCH_USER))
is much more instructive than
if (getuid() == 0)
Likewise, this:
if (channel_input_port_forward_request(
uid_has_capability(s->pw->pw_uid, CAP_RSVD_PORTS),
options.gateway_ports) < 0) {
is more instructive than this:
if (channel_input_port_forward_request(s->pw->pw_uid == 0,
options.gateway_ports) < 0) {
So, in my eyes this change would make the code clearer even in the
upstream OpenBSD-only code. Given that the uid_has_capability function
would be a no-brainer on BSD and other systems having no capabilities
model
int
uid_has_capability (uid_t uid, int capability __attribute ((unused)))
{
return uid == 0;
}
I only see advantages here.
Corinna
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat
More information about the openssh-unix-dev
mailing list