From owner-freebsd-security  Sat May 13 07:30:12 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id HAA02029
          for security-outgoing; Sat, 13 May 1995 07:30:12 -0700
Received: from mpp.com (dialup-5-116.gw.umn.edu [128.101.96.116])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id HAA02021
          for <security@freebsd.org>; Sat, 13 May 1995 07:30:06 -0700
Received: (from mpp@localhost) by mpp.com (8.6.11/8.6.9) id JAA09229 for security@freebsd.org; Sat, 13 May 1995 09:29:56 -0500
From: Mike Pritchard <pritc003@maroon.tc.umn.edu>
Message-Id: <199505131429.JAA09229@mpp.com>
Subject: stat & inode generation numbers
To: security@FreeBSD.org
Date: Sat, 13 May 1995 09:29:55 -0500 (CDT)
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 527       
Sender: security-owner@FreeBSD.org
Precedence: bulk

I just noticed that the stat system call is returning the i-node
generation number to non-root callers.  I thought that allowing
users to determine the i-node generation number of files
was considered bad and a security risk in NFS environments, since
it makes it possible for someone to come up with valid file
handles.

Am I mistaken, or should stat be changed to only return st_gen
when called by the superuser?
-- 
Mike Pritchard
pritc003@maroon.tc.umn.edu
"Go that way.  Really fast.  If something gets in your way, turn"