From owner-freebsd-questions Sat Mar 31 6:38:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id E19F237B719 for ; Sat, 31 Mar 2001 06:38:40 -0800 (PST) (envelope-from wmoran@iowna.com) Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f2VEZsw24520 for ; Sat, 31 Mar 2001 09:35:54 -0500 (EST) Message-ID: <3AC5EAFA.C8D4E301@iowna.com> Date: Sat, 31 Mar 2001 09:34:34 -0500 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: access() system call Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This may be a question for -hackers, but I'll try here first. In the man page for the access(2) syscall, it states "access() is a potential security hole and should never be used." I have 3 questions regarding this: 1. What should I use instead? 2. Is there any more information on why access() is such a terrible security hole? 3. Does not access(1) use access(2)? If so, that would make access(1) a security problem. Which is not documented in the man page (or anywhere else that I can find) Once I find out the answer to some of these questions I'm going to recommend an update to the access(2) man page, as problems #1 and #2 have left me dead-ended on what should be a quick programming project. The combination of questions #2 and #3 makes me worry that there may be a security problem. But I haven't found enough information to determine anything yet. Any advice is welcome. TIA, Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message