Date: Sat, 31 Mar 2001 11:17:37 -0500 From: Bill Moran <wmoran@iowna.com> To: Paul Herman <pherman@frenchfries.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: access() system call Message-ID: <3AC60321.E043BFAA@iowna.com> References: <Pine.BSF.4.33.0103311759190.13408-100000@husten.security.at12.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Herman wrote: > > On Sat, 31 Mar 2001, Edwin Groothuis wrote: > > > > 2. Is there any more information on why access() is such a terrible > > > security hole? > > > > I'm also wondering about it. > > Just a hunch, but maybe because of a possible race condition between > checking for a file's existence and opening it for use. fstat(2) is > already passed an open file descriptor so you get the real McCoy. > > The stat(2) and access(2) system calls look as if they do pretty much > the same to me, perhaps stat(2) should also carry such a warning in > the manpage? Interesting, albiet only speculation. I went looking for some more information in the source code. Much to my dismay I found that access(2) is being used all over the place in contributed software, etc. This (to me) makes it even more important to find out what this "potential security hole" is. I'm going to email -hackers on this. I was going to wait a day to see what responses I got from -questions, but at this point my curiousity is overwhelming me. -Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AC60321.E043BFAA>