Date:      Tue, 5 Mar 2002 12:55:48 +0200
From:      Alexey Zelkin <phantom@FreeBSD.org>
To:        "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc:        audit@FreeBSD.org
Subject:   Re: safety checking for catgets (NLS catalogs)
Message-ID:  <20020305125548.A92735@ark.cris.net>
In-Reply-To: <20020302184656.GA32218@nagual.pp.ru>; from ache@nagual.pp.ru on Sat, Mar 02, 2002 at 09:46:57PM +0300
References:  <20020302202437.A1078@gate.sim.ionidea.com> <20020302184656.GA32218@nagual.pp.ru>

hi,

On Sat, Mar 02, 2002 at 09:46:57PM +0300, Andrey A. Chernov wrote:
> I dislike the whole idea, it just adds yet another runtime slowness.
Yes, it adds a small overhead. Actually I think it was not a good idea to
add this check each time on catgets() and I will move this check to the
catalog loading stage.

> Suser programs
> authors should just check their translations more accurately.
We can't guarantee the accurateness of all third party authors :-(

And what about the case when the host was compromised?

> A better way to solve it is to add an external check tool to run through all
> existing catalogs for a given program, do it once and not each run time.
I don't think that it's a good idea, since this requires adding a new tool
into the base system and it's not guaranteed that people will use it. Actually
a runtime check is much more accurate in this case. As I noted before, it
will be moved to the loading stage and will not add any slowness to runtime
behaviour.

> Translation strings are per program version constants and are not changed each
> run time, so there is absolutely no need to check them each run time.
I've tried to design the check procedure to be as simple as possible and it's
quite fast in my opinion. At least in this case we can guarantee that
incorrectly translated or stale strings from the catalog will not affect
application work.

> On Sat, Mar 02, 2002 at 20:24:37 +0200, Alexey Zelkin wrote:
> 
> > +    while (*src != '\0' && *dflt != '\0') {
> > +	while (1) {
> > +	    if (*dflt != *src)
> > +		return (1);
> > +	    if (strchr(VALID_CONV_SPECIFIERS, *dflt))
> 
> *dflt can be '\0' here and strchr() will succeed.
> 
> > +		break;
> > +	    src++;
> > +	    dflt++;
> > +	}
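
Review bot: the inner while (1) has no end-of-string test of its own. As the quoted lines stand, it stops at the terminator only because strchr(VALID_CONV_SPECIFIERS, *dflt) returns non-NULL when *dflt is '\0' (strchr() also matches the terminating NUL), so reaching the end of both strings at the same time is handled as if a conversion specifier had been found. Test *dflt == '\0' explicitly before the strchr() call and return from there, so that whatever follows the break (not visible in this quote) never runs with both pointers sitting on the terminator.
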
> 
> -- 
> Andrey A. Chernov
> http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
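
The load-time check discussed in this message, sketched as a comparison of the conversion specifications in the default string and the catalog string. This is an added example, not Alexey's patch or FreeBSD code; the names fmt_signature and catalog_string_ok and the three character sets are assumptions, since the thread does not show VALID_CONV_SPECIFIERS.

```c
#include <string.h>

/* Assumed sets: the thread does not show VALID_CONV_SPECIFIERS. %n and
 * positional "%1$s" forms are not listed here, so they are rejected. */
#define CONV_CHARS "diouxXeEfFgGaAcsp"
#define SKIP_CHARS "-+ #0123456789."  /* flags, width and precision digits */
#define KEEP_CHARS "*hlLjztq"         /* change which arguments are consumed */

/* Write the argument signature of fmt to out ("%s: %*ld" gives "s;*ld;").
 * Returns 0, or -1 if fmt is malformed or out is too small. */
static int fmt_signature(const char *fmt, char *out, size_t outlen)
{
    size_t n = 0;
    if (outlen == 0)
        return (-1);
    for (; *fmt != '\0'; fmt++) {
        if (*fmt != '%' || *++fmt == '%')   /* plain text or literal "%%" */
            continue;
        for (;; fmt++) {
            if (*fmt == '\0')       /* explicit test: strchr() matches NUL */
                return (-1);
            if (strchr(SKIP_CHARS, *fmt) != NULL)
                continue;
            if (n + 2 >= outlen)
                return (-1);
            if (strchr(KEEP_CHARS, *fmt) == NULL) {
                if (strchr(CONV_CHARS, *fmt) == NULL)
                    return (-1);    /* unknown conversion character */
                out[n++] = *fmt;
                out[n++] = ';';
                break;
            }
            out[n++] = *fmt;        /* '*' or a length modifier */
        }
    }
    out[n] = '\0';
    return (0);
}

/* Load-time check: nonzero only if the catalog string src consumes the same
 * arguments, in the same order, as the compiled-in default dflt. */
static int catalog_string_ok(const char *dflt, const char *src)
{
    char a[128], b[128];
    if (fmt_signature(dflt, a, sizeof(a)) != 0 ||
        fmt_signature(src, b, sizeof(b)) != 0)
        return (0);
    return (strcmp(a, b) == 0);
}
```

Run once per message when the catalog is opened, a check of this shape lets catgets() return the default string for any entry that failed, with no per-call cost.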



