ruby-changes:1793
From: ko1@a...
Date: 27 Aug 2007 19:15:32 +0900
Subject: [ruby-changes:1793] matz - Ruby:r13284 (trunk): * ext/etc/etc.c (etc_getlogin): update documentation to note
matz 2007-08-27 19:15:18 +0900 (Mon, 27 Aug 2007)
New Revision: 13284
Modified files:
trunk/ChangeLog
trunk/ext/etc/etc.c
Log:
* ext/etc/etc.c (etc_getlogin): update documentation to note
security issue. [ruby-Bugs-11821]
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ChangeLog?r1=13284&r2=13283
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/etc/etc.c?r1=13284&r2=13283
Index: ChangeLog
===================================================================
--- ChangeLog (revision 13283)
+++ ChangeLog (revision 13284)
@@ -1,3 +1,8 @@
+Mon Aug 27 19:10:50 2007 Yukihiro Matsumoto <matz@r...>
+
+ * ext/etc/etc.c (etc_getlogin): update documentation to note
+ security issue. [ruby-Bugs-11821]
+
Mon Aug 27 15:56:48 2007 Nobuyoshi Nakada <nobu@r...>
* string.c (sym_encoding): return the encoding of a Symbol.
Index: ext/etc/etc.c
===================================================================
--- ext/etc/etc.c (revision 13283)
+++ ext/etc/etc.c (revision 13284)
@@ -35,6 +35,8 @@
char *getlogin();
/* Returns the short user name of the currently logged in user.
+ * Unfortunately, it is often rather easy to fool getlogin().
+ * Avoid getlogin() for security-related purposes.
*
* e.g.
* Etc.getlogin -> 'guest'
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml