From owner-freebsd-questions  Thu Jul  2 14:34:43 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA13117
          for freebsd-questions-outgoing; Thu, 2 Jul 1998 14:34:43 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mail.camalott.com (root@mail.camalott.com [208.203.140.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA13069
          for <freebsd-questions@freebsd.org>; Thu, 2 Jul 1998 14:34:12 -0700 (PDT)
          (envelope-from joelh@gnu.org)
Received: from detlev.UUCP (tex-108.camalott.com [208.229.74.108])
	by mail.camalott.com (8.8.7/8.8.5) with ESMTP id QAA06790;
	Thu, 2 Jul 1998 16:34:18 -0500
Received: (from joelh@localhost)
	by detlev.UUCP (8.8.8/8.8.8) id QAA06871;
	Thu, 2 Jul 1998 16:34:17 -0500 (CDT)
	(envelope-from joelh)
Date: Thu, 2 Jul 1998 16:34:17 -0500 (CDT)
Message-Id: <199807022134.QAA06871@detlev.UUCP>
To: freebsd-questions@FreeBSD.ORG
Subject: access(2) security issues
From: Joel Ray Holveck <joelh@gnu.org>
Reply-to: joelh@gnu.org
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I see in access(2):

  CAVEAT
       Access() is a potential security hole and should never be used.

I'm presently changing the file operations on a program that uses
access, and one module operates suid root.  What do I need to concern
myself with?  I didn't see anything in the CVS logs or mailing
archives.

Happy hacking,
joelh

-- 
Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message