Date: 11 Oct 2002 09:56:24 -0700
From: Ricardo Anguiano <anguiano@codesourcery.com>
To: benjamin@seattlefenix.net
Cc: Chris BeHanna <behanna@zbzoom.net>, FreeBSD Security <security@FreeBSD.ORG>
Subject: Re: access() is a security hole?
Message-ID: <m3k7koud6v.fsf@mordack.codesourcery.com>
In-Reply-To: <20021011164805.GA27132@surreal.seattlefenix.net>
References: <20021011094935.I86274-100000@topperwein.pennasoft.com> <m3r8exszf8.fsf@mordack.codesourcery.com> <20021011164805.GA27132@surreal.seattlefenix.net>

Benjamin Krueger <benjamin@seattlefenix.net> writes:

> * Ricardo Anguiano (anguiano@codesourcery.com) [021011 09:39]:
> > Chris BeHanna <behanna@zbzoom.net> writes:
> >
> > > On Fri, 11 Oct 2002, Bruce Evans wrote:
> > > > Setuid programs should only use access() to check whether they will
> > > > have permission after they set[ug]id() to the real [ug]id. Non-setuid
> > > > programs mostly don't need such checks. They can just try the operation.
> > >
> > > Perhaps the way to avoid the race is to open the file, lock it,
> > > and *then* call access(), then close the file or proceed based upon
> > > the result.
> >
> > What's wrong with opening the file, then using fstat to check the
> > properties of the file associated with the file descriptor?
> >
> > --
> > Ricardo Anguiano
> > CodeSourcery, LLC
>
> And if you don't have sufficient permission to open the file?

IMHO, then there was no point in making the access(2) call.

The problem exists when the process is running with elevated
privileges. AFAIK, open(2) does not fail due to permission problems
when run as root. Thus, the need to check for the invoking user's
permission to open the file.

PS: Chris: postmaster@telstraclear.co.nz says you don't exist.

--
Ricardo Anguiano
CodeSourcery, LLC

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message