Subject: Re: misc/2668: login-names >8 chars make no fun
To: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
From: Charles M. Hannum <firstname.lastname@example.org>
Date: 08/30/1996 16:43:54
der Mouse <mouse@Holo.Rodents.Montreal.QC.CA> writes:
> Evangelical points of view aside, though, it does seem to me that if
> you're going to break binary compatability anyway, you should do so in
> an extensible way: redefine the file format so that it includes all
> these lengths in the file, so that when someone wants usernames longer
> than 16, or whatever, we don't have this situation happening again.
I presume you're implying that software should check what sizes the
file is using and DTRT. That would be nice, but what do you do about
the in-core format? And how do you inform the applications what the
There's a lot of code in the world, including much of our own, that
uses sizeof(ut_name) and/or UT_NAMESIZE, etc. What do you do about
them? Pick some large in-core size, and always truncate in the
library? Anything else is going to break source compatibility.
(Although I can see significant justification for breaking source
compatibility in some ways...)
On a related topic, Solaris uses a setuid program to manipulate utmp
and wtmp, I presume in the theory that this means other pieces of code
that use it do *not* need to be setuid. Unfortunately, for this to
work, it has to be able to tell whether you really own the tty.
STREAMS clone devices deal with this nicely...