From owner-cvs-all Sun Nov 26 19:10:19 2000 Delivered-To: cvs-all@freebsd.org Received: from mobile.wemm.org (adsl-64-163-195-99.dsl.snfc21.pacbell.net [64.163.195.99]) by hub.freebsd.org (Postfix) with ESMTP id 661E937B479; Sun, 26 Nov 2000 19:10:14 -0800 (PST) Received: from netplex.com.au (localhost [127.0.0.1]) by mobile.wemm.org (8.11.1/8.11.1) with ESMTP id eAR3A3D44621; Sun, 26 Nov 2000 19:10:13 -0800 (PST) (envelope-from peter@netplex.com.au) Message-Id: <200011270310.eAR3A3D44621@mobile.wemm.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: "Brian F. Feldman" Cc: Alfred Perlstein , obrien@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/inetd builtins.c In-Reply-To: <200011262140.eAQLe2576200@green.dyndns.org> Date: Sun, 26 Nov 2000 19:10:03 -0800 From: Peter Wemm Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Brian F. Feldman" wrote: > Alfred Perlstein wrote: > > Because your "fix" was a gross hack on top of the gross hack already > > in place. > > Here, you can review this, then: How about the O_NOFOLLOW flag? It avoids the worst of the races because you can open and lstat and be immune to symlink races. > /* > - * If we were to lstat() here, it would do no good, since it > - * would introduce a race condition and could be defeated. > + * We can't stat() here since that would be a race > + * condition. > * Therefore, we open the file we have permissions to open > * and if it's not a regular file, we close it and end up > * returning the user's real username. > */ > fakeid_fd = open(p, O_RDONLY | O_NONBLOCK); Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message