security review and patches for libpurple

Ethan Blanton elb at
Thu Aug 11 23:08:32 EDT 2011

Dan Auerbach spake unto us the following wisdom:
> >* bonjour-geteuid.diff
> >
> >   I think this is just wrong.  It looks to me like we *want* euid, not
> >   uid.  I can't think of any reason to setuid Pidgin in the first
> >   place, but if we do, it seems like the euid is probably who you want
> >   to be running Pidgin.  I don't know.  It's not clear to me how this
> >   should be changed either way.
> I believe this patch replaces uid with euid.

It does.  This just goes to show you how nonsensical the difference is
between getuid and geteuid in this case.  When I rejected the patch, I
was convinced that getuid was correct and geteuid was wrong, and all I
remembered was that the patch was wrong.  This time I thought it did
the opposite, and still convinced myself the patch was wrong.

I think the bottom line is that setuid Pidgin is just broken, so it
isn't clear whether you'd want uid or euid.  :-) I guess I have no
feelings about this patch's correctness either way, because I think
the difference is moot.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: Digital signature
URL: <>

More information about the security mailing list