From owner-cvs-all Sun Nov 26 20:50:31 2000 Delivered-To: cvs-all@freebsd.org Received: from green.dyndns.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id F14ED37B479; Sun, 26 Nov 2000 20:50:26 -0800 (PST) Received: from localhost (eqmre3@localhost [127.0.0.1]) by green.dyndns.org (8.11.0/8.11.0) with ESMTP id eAR4oG579042; Sun, 26 Nov 2000 23:50:18 -0500 (EST) (envelope-from green@FreeBSD.org) Message-Id: <200011270450.eAR4oG579042@green.dyndns.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: "Brian F. Feldman" Cc: Peter Wemm , Alfred Perlstein , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/inetd builtins.c In-Reply-To: Message from "Brian F. Feldman" of "Sun, 26 Nov 2000 23:05:15 EST." <200011270405.eAR45H578642@green.dyndns.org> From: "Brian F. Feldman" Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 26 Nov 2000 23:50:11 -0500 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Brian F. Feldman" wrote: > Peter Wemm wrote: > > How about the O_NOFOLLOW flag? It avoids the worst of the races because you > > can open and lstat and be immune to symlink races. > > I've decided the comment needed to be changed because the race condition to > be worried about is stat(), "okay, it's VREG", open() -> "Hey, it's not!". > Whether it's a symlink or not doesn't matter since the user's credentials > are being used in the permission checks. Now, the problem with this, is > that if the user is allowed to access a file (device? weird file system?) > that does not correctly respect O_NONBLOCK, it can be still made to block. And to mostly answer my own question :) what I'm looking for is mostly the filehandle stuff! The only thing missing is the ability to set my effective permissions and have getfh() respect my current effective credentials while letting me use it because I'm "really" root. It would be perfect. *hints at alfred* -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message