From owner-freebsd-hackers  Tue Jul 13  6:54:18 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from janus.syracuse.net (janus.syracuse.net [205.232.47.15])
	by hub.freebsd.org (Postfix) with ESMTP id 4AD2114D94
	for <hackers@FreeBSD.org>; Tue, 13 Jul 1999 06:54:15 -0700 (PDT)
	(envelope-from green@FreeBSD.org)
Received: from localhost (green@localhost)
	by janus.syracuse.net (8.9.2/8.8.7) with ESMTP id JAA76732;
	Tue, 13 Jul 1999 09:51:43 -0400 (EDT)
X-Authentication-Warning: janus.syracuse.net: green owned process doing -bs
Date: Tue, 13 Jul 1999 09:51:43 -0400 (EDT)
From: "Brian F. Feldman" <green@FreeBSD.org>
X-Sender: green@janus.syracuse.net
To: Ville-Pertti Keinonen <will@iki.fi>
Cc: hackers@FreeBSD.org
Subject: Re: a BSD identd
In-Reply-To: <86908l829q.fsf@not.demophon.com>
Message-ID: <Pine.BSF.4.10.9907130946220.76301-100000@janus.syracuse.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On 13 Jul 1999, Ville-Pertti Keinonen wrote:

> 
> green@FreeBSD.org (Brian F. Feldman) writes:
> 
> > It's "out with the bad, in with the good." Pidentd code is pretty terrible.
> > The only security concerns with my code were wrt FAKEID, and those were
> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> > be read.) If anyone wants to audit my code for security, I invite them to.
> 
> Did you mean to avoid reading through symlinks using the open + fstat
> method mentioned earlier in the thread?

No, I meant to avoid opening a file the user couldn't, or reading from a dev.

> 
> I thought I'd misunderstood, that you had to be discussing something
> else, since you and whoever else was involved both agreed that open +
> fstat is sufficient, and I thought that several people can't possibly
> be so completely confused.
> 
> If you really want to avoid reading through symlinks, you need to
> lstat, open and fstat (the order doesn't really matter).
> 

I don't care about symlinks. I care about the underlying file.

> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 

 Brian Fundakowski Feldman      _ __ ___ ____  ___ ___ ___  
 green@FreeBSD.org                   _ __ ___ | _ ) __|   \ 
     FreeBSD: The Power to Serve!        _ __ | _ \._ \ |) |
       http://www.FreeBSD.org/              _ |___/___/___/ 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message