"GOT", but the "O" is a cute, smiling pufferfish. Index | Thread | Search

From:
"Todd C. Miller" <millert@openbsd.org>
Subject:
Re: fix gotd group auth
To:
Stefan Sperling <stsp@stsp.name>
Cc:
gameoftrees@openbsd.org
Date:
Thu, 17 Nov 2022 09:03:52 -0700

Download raw body.

Thread
On Thu, 17 Nov 2022 10:03:36 +0100, Stefan Sperling wrote:

> gotd group auth is broken. It matches against the groups of
> the user running gotd instead of the user which is connecting
> to the socket :-) Fix this and add tests for various cases
> where gotd should deny repository read access.

I don't think it makes sense to examine errno on getpwuid() failure.
This should really be an unknown user kind of error.

 - todd