Date: Sat, 31 Mar 2001 15:43:08 -0500 From: Bill Moran <wmoran@iowna.com> To: Jan Grant <Jan.Grant@bristol.ac.uk> Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: Re: access() system call Message-ID: <3AC6415C.CEF6162A@iowna.com> References: <Pine.GSO.4.31.0103311856010.11771-100000@mail.ilrt.bris.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Jan Grant wrote: > > On Sat, 31 Mar 2001, Bill Moran wrote: > > > Paul Herman wrote: > > > > > > On Sat, 31 Mar 2001, Edwin Groothuis wrote: > > > > > > > > 2. Is there any more information on why access() is such a terrible > > > > > security hole? > > > > > > > > I'm also wondering about it. > > > > > > Just a hunch, but maybe because of a possible race condition between > > > checking for a file's existence and opening it for use. fstat(2) is > > > already passed an open file descriptor so you get the real McCoy. > > > > > > The stat(2) and access(2) system calls look as if they do pretty much > > > the same to me, perhaps stat(2) should also carry such a warning in > > > the manpage? > > > > Interesting, albiet only speculation. > > 'Tis truth; th file you're dealing with may change between access and > open. Yes, it is true, I stand corrected. stat() would also have this possible vulnerability. The good news is that it's safe to use for the application I need! Thanks, Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AC6415C.CEF6162A>