Date: Sat, 13 Apr 2013 20:29:52 +0200 From: =?iso-8859-1?Q?P=E9tur_Ingi_Egilsson?= <petur@petur.eu> To: freebsd-security@freebsd.org Subject: File descriptors Message-ID: <B4285FA7-E3EF-4639-BFC0-9BEA7881A5CB@petur.eu>
index | next in thread | raw e-mail
I noticed that if I execute the following code, then the program is able to read the file even if the files' permissions are changed around the /mark/ section in such a way that the UID under which the program is running should not have any permission to read the file.
This is not a desirable behaviour.
How can I prevent this behaviour on my system?
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
if (argc != 2) {
printf("Usage: %s filename\n", argv[0]);
exit(EXIT_FAILURE);
}
FILE *fd;
char *line = NULL;
size_t len = 0;
fd = fopen(argv[2], "r");
/* mark */
if (fd == NULL) {
exit(EXIT_FAILURE);
}
while (getline(&line, &len, fd) != -1) {
printf("%s", line);
}
fclose(fd);
exit(EXIT_SUCCESS);
}
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B4285FA7-E3EF-4639-BFC0-9BEA7881A5CB>