I second this. There is one OS where getlogin does not follow POSIX and is maybe insecure, and the fix cannot be to hide the function for all other OS. IMHO, these differences should be handled on a higher level, and not in the module providing the bindings.
Semantically, there is a big difference between getlogin and getuid: getlogin shall also work when the user calls a setuid program which in turn invokes a script. These script commands can then use getlogin to identify the original user (which is defined as the user of the session = the user of the controlling terminal). In contrast, getuid would return the uid to which setuid switched (for the script). So, I'd say, you cannot repair getlogin with getuid. The best fix is probably to just run `/usr/bin/logname </dev/tty` and read the printed name. Gerd > getpwuid(getuid()) is not a synonym for get_login (refer to the > discussion in the POSIX standard[^1]). You should not shadow posix functions by functions with different semantics in the Unix modules; providing your own abstraction over the OS is a commendable goal but you should do so without silently bypassing core functions. > > Till > [1]:http://pubs.opengroup.org/onlinepubs/007904975/functions/getlogin.html > > > On Tue, Mar 20, 2012 at 2:28 PM, David House <dho...@janestreet.com> wrote: >> Note that Jane Street's core library [1] does not use getlogin(3) in its replacement Unix module, for exactly this reason: >> >> (* The standard getlogin function goes through utmp which is unreliable,  see the BUGS section of getlogin(3) *) >> let getlogin_orig = Unix.getlogin >> let getlogin () = (Unix.getpwuid (getuid ())).Unix.pw_name >> >> [1]: https://bitbucket.org/yminsky/ocaml-core/wiki/Home >> >> I just tested your specific example, and it worked fine. >> >> >> On Tue 20 Mar 2012 06:07:59 PM GMT, Ricardo Catalinas Jiménez wrote: >>> >>> On Tue, Mar 20, 2012 at 06:51:13PM +0100, Ricardo Catalinas Jiménez wrote: >>>> >>>> I found out the next issue in this simple code: >>>> >>>> let () = >>>>   print_endline "Hello"; >>>>   print_endline (Unix.getlogin ()) >>>> >>>> Running in the normal case, with `./a.out' gives: >>>> >>>> Hello >>>> ricardo >>>> >>>> But running like `./a.out</dev/null' makes Unix.getlogin fail: >>>> >>>> Hello >>>> Fatal error: exception Unix.Unix_error(20, "getlogin", "") >>>> >>>> A simple strace reveals the problem: >>>> >>>>   open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 >>>>   fstat(3, {st_mode=S_IFREG|0644, st_size=509, ...}) = 0 >>>>   mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, >>>> 0) = 0x7fb125554000 >>>>   read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 509   read(3, "", 4096)            = 0 >>>>   close(3)                 = 0   munmap(0x7fb125554000, 4096)       = 0 >>>> ->  ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, 0x7fff12682c98) = -1 ENOTTY (Inappropriate ioctl for device)   write(2, "Fatal error: exception Unix.Unix"..., 59) = 59   exit_group(2)              = ? >>> >>> >>> >>> Someone knew the answer, man 3 getlogin reads: >>> >>>     Note that glibc does not follow the POSIX specification and uses >>>     stdin instead of /dev/tty.  A bug.  (Other recent systems, like >>>     SunOS 5.8 and HP-UX 11.11 and FreeBSD 4.8 all return the login >>>     name also when stdin is redirected.) >>> >>> >>> Regards >> >> >> >> >> -- >> Caml-list mailing list.  Subscription management and archives: https://sympa-roc.inria.fr/wws/info/caml-list >> Beginner's list: http://groups.yahoo.com/group/ocaml_beginners >> Bug reports: http://caml.inria.fr/bin/caml-bugs >> > > > -- > Caml-list mailing list. Subscription management and archives: > https://sympa-roc.inria.fr/wws/info/caml-list > Beginner's list: http://groups.yahoo.com/group/ocaml_beginners > Bug reports: http://caml.inria.fr/bin/caml-bugs > > > -- Gerd Stolpmann, Darmstadt, Germany g...@gerd-stolpmann.de Creator of GODI and camlcity.org. Contact details: http://www.camlcity.org/contact.html Company homepage: http://www.gerd-stolpmann.de *** Searching for new projects! Need consulting for system *** programming in Ocaml? Gerd Stolpmann can help you. -- Gerd Stolpmann, Darmstadt, Germany g...@gerd-stolpmann.de Creator of GODI and camlcity.org. Contact details: http://www.camlcity.org/contact.html Company homepage: http://www.gerd-stolpmann.de *** Searching for new projects! Need consulting for system *** programming in Ocaml? Gerd Stolpmann can help you. -- Caml-list mailing list. Subscription management and archives: https://sympa-roc.inria.fr/wws/info/caml-list Beginner's list: http://groups.yahoo.com/group/ocaml_beginners Bug reports: http://caml.inria.fr/bin/caml-bugs
