From owner-freebsd-security Mon Mar 24 10:44:29 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA26221 for security-outgoing; Mon, 24 Mar 1997 10:44:29 -0800 (PST) Received: from pdx1.world.net (pdx1.world.net [192.243.32.18]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA26211 for ; Mon, 24 Mar 1997 10:44:25 -0800 (PST) From: proff@suburbia.net Received: from suburbia.net (suburbia.net [203.4.184.1]) by pdx1.world.net (8.7.5/8.7.3) with SMTP id KAA07489 for ; Mon, 24 Mar 1997 10:46:33 -0800 (PST) Received: (qmail 2152 invoked by uid 110); 24 Mar 1997 18:43:54 -0000 Message-ID: <19970324184354.2150.qmail@suburbia.net> Subject: Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c In-Reply-To: <228.859227442@critter> from Poul-Henning Kamp at "Mar 24, 97 07:17:22 pm" To: phk@critter.dk.tfs.com (Poul-Henning Kamp) Date: Tue, 25 Mar 1997 05:43:54 +1100 (EST) Cc: security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > In message <97Mar24.094840pst.177486@crevenia.parc.xerox.com>, Bill Fenner writ > es: > >I think a lot would be solved by having a library function like > >access() that also accepts a UID. Then the don't-let-people-access- > >files-in-a-setuid-program-that-they-wouldn't-normally-have-access-to > >problem, instead of being solved in N different setuid programs, > >could be solved once. > > Well, access_as(2) alone will not do it, you would need a open_as(2), > unlink_as(2), rename_as(2) and so on... > > -- > Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. > http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. > whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. > Power and ignorance is a disgusting cocktail. > The access_as case is silly anyway, due to race conditions.