httpd-dev mailing list archives

From Ben Laurie <...@algroup.co.uk>
Subject Re: Deja vu
Date Fri, 05 Jan 2001 23:45:08 GMT
rbb@covalent.net wrote:
> 
> > > > BTW, I don't understand why you are concerned with a collision between
> > > > userdir and suexec and not collisions with themselves?
> > >
> > > Because the mutex that we described would prevent collision with
> > > themselves.  We said that we were going to put a mutex in apr_home_dir, to
> > > lock other threads from calling it at the same time.  That works just
> > > fine, but it doesn't protect the other functions in the C Run-Time that
> > > use the password database.
> >
> > I'm obviously missing something - why does it matter that two different
> > modules use apr_home_dir? Surely the fact that _anything_ threaded uses
> > it is enough to screw us?
> 
> Ah, I see the problem.  It isn't apr_home_dir that would cause the
> problem.  The problem is that under the covers apr_home_dir calls
> getpwnam, which accesses the password database using static memory in the C
> Run-Time.  We can put locks around getpwnam in apr_home_dir, and this will
> ensure that multiple calls to apr_home_dir won't affect each other.
> 
> The problem comes in when some other C Run-Time function that accesses the
> password database is called.  These potentially use the same static
> memory in the C Run-Time that getpwnam uses, so we might overwrite the
> data that getpwnam wants.
> 
> The locks that we put around getpwnam in apr_home_dir won't protect us if
> some other part of Apache calls into the C Run-Time's password db
> accessors without locking the mutex.

??? But surely they shouldn't do that, coz they should call APR's
routines for doing it?

> Does that clear it up?

Nope.

Actually, after contemplation, I thought the deal was that although you
could lock getpwnam (and anything else that might obviously collide) you
may still get bitten by something less obvious that collides with
something getpwnam calls. I don't really buy this argument, because the
obvious counter is to use a _universal_ mutex for _all_ non-thread-safe
stuff, then they can interact as much as they want, coz only one will be
running in practice. Stuff that uses this without APR's assistance in
Apache is just plain broken, and not to be worried about. IMO.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
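
The universal-mutex idea from the message above, sketched as an added example (not code from APR, Apache or the original post): one process-wide lock gates every non-thread-safe password-database call, and each caller copies what it needs out of the C Run-Time's static storage before the lock is released. The names `nts_lock`, `nts_call` and `pw_query` are hypothetical.

```c
#include <pthread.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* One process-wide lock for ALL non-thread-safe libc calls (hypothetical name). */
static pthread_mutex_t nts_lock = PTHREAD_MUTEX_INITIALIZER;

/* Run fn(arg) under the universal lock. fn must copy everything it needs out
 * of libc's static storage before it returns, because the next caller may
 * overwrite that storage as soon as the lock is dropped. */
int nts_call(int (*fn)(void *), void *arg)
{
    pthread_mutex_lock(&nts_lock);
    int rc = fn(arg);
    pthread_mutex_unlock(&nts_lock);
    return rc;
}

struct pw_query {            /* in: name or uid; out: caller-owned copies */
    const char *name;
    uid_t uid;
    char out_name[64];
    char out_dir[256];
};

/* Copy the fields out of the static struct passwd; -1 if missing or too long. */
static int copy_out(const struct passwd *pw, struct pw_query *q)
{
    if (!pw || !pw->pw_name || !pw->pw_dir ||
        strlen(pw->pw_name) >= sizeof q->out_name ||
        strlen(pw->pw_dir) >= sizeof q->out_dir)
        return -1;
    strcpy(q->out_name, pw->pw_name);
    strcpy(q->out_dir, pw->pw_dir);
    return 0;
}

/* Two different accessors that share libc's static buffer. */
static int by_name(void *p) { struct pw_query *q = p; return copy_out(getpwnam(q->name), q); }
static int by_uid(void *p)  { struct pw_query *q = p; return copy_out(getpwuid(q->uid), q); }

/* Public wrappers: both go through the same lock, so they cannot collide. */
int home_dir_by_name(struct pw_query *q) { return nts_call(by_name, q); }
int user_by_uid(struct pw_query *q)      { return nts_call(by_uid, q); }

int main(void)
{
    struct pw_query q = {0};             /* uid 0 is used as sample input */
    if (user_by_uid(&q) == 0)
        printf("%s -> %s\n", q.out_name, q.out_dir);
    return 0;
}
```

Any code path that calls `getpwnam` or `getpwuid` directly, without going through `nts_call`, bypasses the lock and reintroduces the collision discussed in the thread.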
