* ext/etc/etc.c (etc_getlogin): update documentation to note

security issue. [ruby-Bugs-11821] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@13284 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2007-08-27 10:15:18 +00:00 · 2007-08-27 10:15:18 +00:00 · fd618e2234
commit fd618e2234
parent 3ca07d8718
2 changed files with 7 additions and 0 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+Mon Aug 27 19:10:50 2007  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* ext/etc/etc.c (etc_getlogin): update documentation to note
+	  security issue.  [ruby-Bugs-11821]
+
 Mon Aug 27 15:56:48 2007  Nobuyoshi Nakada  <nobu@ruby-lang.org>

 	* string.c (sym_encoding): return the encoding of a Symbol.
--- a/ext/etc/etc.c
+++ b/ext/etc/etc.c
@ -35,6 +35,8 @@ char *getenv();
 char *getlogin();

 /* Returns the short user name of the currently logged in user.
+ * Unfortunately, it is often rather easy to fool getlogin().
+ * Avoid getlogin() for security-related purposes.
 *
 * e.g.
 *   Etc.getlogin -> 'guest'