Date: Tue, 25 Mar 1997 05:43:54 +1100 (EST) From: proff@suburbia.net To: phk@critter.dk.tfs.com (Poul-Henning Kamp) Cc: security@freebsd.org Subject: Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c Message-ID: <19970324184354.2150.qmail@suburbia.net> In-Reply-To: <228.859227442@critter> from Poul-Henning Kamp at "Mar 24, 97 07:17:22 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> In message <97Mar24.094840pst.177486@crevenia.parc.xerox.com>, Bill Fenner writ > es: > >I think a lot would be solved by having a library function like > >access() that also accepts a UID. Then the don't-let-people-access- > >files-in-a-setuid-program-that-they-wouldn't-normally-have-access-to > >problem, instead of being solved in N different setuid programs, > >could be solved once. > > Well, access_as(2) alone will not do it, you would need a open_as(2), > unlink_as(2), rename_as(2) and so on... > > -- > Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. > http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. > whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. > Power and ignorance is a disgusting cocktail. > The access_as case is silly anyway, due to race conditions.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970324184354.2150.qmail>