Date: Sat, 2 Sep 2000 22:58:49 +0100 From: Ben Smithurst <ben@FreeBSD.org> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902225849.R72445@strontium.scientia.demon.co.uk> In-Reply-To: <Pine.NEB.3.96L.1000902174123.60028C-100000@fledge.watson.org> References: <20000902155701.C1263@hamlet.nectar.com> <Pine.NEB.3.96L.1000902174123.60028C-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
> Instead, either perform the open() directly to check, or make use of the
> access() syscall.
Would this be the same access() whose manual page clearly says:
CAVEAT
Access() is a potential security hole and should never be used.
--
Ben Smithurst / ben@FreeBSD.org / PGP: 0x99392F7D
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000902225849.R72445>