From owner-freebsd-hackers Tue Jul 13 0: 3:40 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from not.demophon.com (ns.demophon.com [193.65.70.13])
	by hub.freebsd.org (Postfix) with ESMTP id 32A6514C2F;
	Tue, 13 Jul 1999 00:03:34 -0700 (PDT)
	(envelope-from will@not.demophon.com)
Received: (from will@localhost)
	by not.demophon.com (8.9.3/8.8.7) id JAA09698;
	Tue, 13 Jul 1999 09:58:10 +0300 (EEST)
	(envelope-from will)
To: green@FreeBSD.org (Brian F. Feldman)
Cc: hackers@FreeBSD.org
Subject: Re: a BSD identd
References: <53426.931766563@axl.noc.iafrica.com>
From: Ville-Pertti Keinonen
Date: 13 Jul 1999 09:58:09 +0300
In-Reply-To: green@FreeBSD.org's message of "12 Jul 1999 22:14:21 +0300"
Message-ID: <86908l829q.fsf@not.demophon.com>
Lines: 18
X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald"
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

green@FreeBSD.org (Brian F. Feldman) writes:

> It's "out with the bad, in with the good." Pidentd code is pretty terrible.
> The only security concerns with my code were wrt FAKEID, and those were
> mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> be read.) If anyone wants to audit my code for security, I invite them to.

Did you mean to avoid reading through symlinks using the open + fstat
method mentioned earlier in the thread?

I thought I'd misunderstood, that you had to be discussing something
else, since you and whoever else was involved both agreed that open +
fstat is sufficient, and I thought that several people can't possibly
be so completely confused.

If you really want to avoid reading through symlinks, you need to
lstat, open and fstat (the order doesn't really matter).
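
The lstat, open and fstat combination named in the message above, as an added example that is not part of the original message or of the identd code under discussion. open + fstat alone cannot detect a symlink, because fstat reports on the file the link resolved to; comparing its device and inode with what lstat saw on the name itself closes that gap. The names `open_regular_nofollow` and `demo`, the O_NONBLOCK flag and the temporary paths are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns an open fd for a regular file at path, or -1 if path is a symlink,
 * is not a regular file, or was swapped between the lstat and the open. */
int open_regular_nofollow(const char *path)
{
    struct stat before, after;
    int fd;
    /* lstat describes the name itself, so a symlink shows up as S_IFLNK. */
    if (lstat(path, &before) == -1 || !S_ISREG(before.st_mode))
        return -1;
    /* O_NONBLOCK (an addition here): do not hang if the name became a FIFO. */
    if ((fd = open(path, O_RDONLY | O_NONBLOCK)) == -1)
        return -1;
    /* fstat describes the object actually opened; it must be the same
     * device/inode that lstat saw, otherwise the name changed in between. */
    if (fstat(fd, &after) == -1 || !S_ISREG(after.st_mode) ||
        after.st_dev != before.st_dev || after.st_ino != before.st_ino) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed demo: bit 0 set if a plain file opens, bit 1 set if a symlink
 * to that same file is refused. Returns 3 when both behave as intended. */
int demo(void)
{
    char dir[] = "/tmp/nofollow.XXXXXX", file[64], link[64];
    int fd, result = 0;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(file, sizeof file, "%s/fakeid", dir);
    snprintf(link, sizeof link, "%s/link", dir);
    fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd == -1 || close(fd) == -1 || symlink(file, link) == -1)
        return -1;
    if ((fd = open_regular_nofollow(file)) != -1) { result |= 1; close(fd); }
    if (open_regular_nofollow(link) == -1) result |= 2;
    unlink(link); unlink(file); rmdir(dir);
    return result;
}

int main(void) { printf("demo() = %d\n", demo()); return 0; }
```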