home dir in cygwin

pll at lanminds.com pll at lanminds.com
Thu Feb 6 16:22:22 EST 2003 

In a message dated: Thu, 06 Feb 2003 16:03:44 EST
Erik Price said:

>Derek Martin wrote:
>> 
>> It is mildly surprising to me that it worked as effectively as it
>> did for you...  The "proper" way to authoritatively find out a user's
>> home directory is to use the pw_dir element of a struct passwd which
>> has been filled out by a call to getpwent(), getpwuid() or getpwnam(),
>> which will consult the underlying authentication mechansims on the
>> system.  This is especially true of programs which are SUID, and/or
>> need to reliably determine what the home directory of the user is.
>> The trouble is presicely that a user CAN change the value of $HOME,
>> which in at least some cases may present a security concern.
>> 
>
>Wow!  That is some arcane knowledge!
>I'm impressed.

I'm curious why you think that is arcane[1]?  I was about to remark 
something amazingly similar to mod, but got distracted and Derek beat 
me to it[2] :)

That knowledge is indispensable to anyone who needs to debug user 
environments (e.g. a sysadmin).

Are you saying it's arcane just because you didn't know it, or 
because you do, but didn't expect anyone else to.

(I'm just trying to figure out where you're coming from, no insult is 
meant by this line of questioning.)

Footnotes:
----------

[1] I mean, why else would they have a location in the /etc/passwd 
    file for home directories, which is parsed by the getpwent(3)
    call, for which the man page states:

        The  getpwent()  function returns a pointer to a structure
        containing broken out fields of a line  from  /etc/passwd.

[2] As is usually the case, since a) I'm very easily distracted, and 
    b) Derek is usually far quicker to more eloquently state that which
    which is floating around somewhere in my brain, but hasn't quite 
    made it out of that dark, dusty, labyrinth yet (usually due to 
    the fact that I got distracted :)
-- 

Seeya,
Paul
--
Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

	It may look like I'm just sitting here doing nothing,
   but I'm really actively waiting for all my problems to go away.

	 If you're not having fun, you're not doing it right!

More information about the gnhlug-discuss mailing list