Download raw body.
fix gotd group auth
On Thu, Nov 17, 2022 at 09:03:52AM -0700, Todd C. Miller wrote: > On Thu, 17 Nov 2022 10:03:36 +0100, Stefan Sperling wrote: > > > gotd group auth is broken. It matches against the groups of > > the user running gotd instead of the user which is connecting > > to the socket :-) Fix this and add tests for various cases > > where gotd should deny repository read access. > > I don't think it makes sense to examine errno on getpwuid() failure. > This should really be an unknown user kind of error. These functions read files or yellow pages and can fail for reasons such as i/o failures. Our getpwuid implementation sets errno on failure. Since errno is not mentioned in the man page, I agree that we should probably not check it. I ended up reading the implementation because the man page was too vague. I have no idea how portable checking for errno is in this case... :-/
fix gotd group auth