Date: Tue, 13 Jul 1999 09:51:43 -0400 (EDT)
From: "Brian F. Feldman" <green@FreeBSD.org>
To: Ville-Pertti Keinonen <will@iki.fi>
Cc: hackers@FreeBSD.org
Subject: Re: a BSD identd
Message-ID: <Pine.BSF.4.10.9907130946220.76301-100000@janus.syracuse.net>
In-Reply-To: <86908l829q.fsf@not.demophon.com>

On 13 Jul 1999, Ville-Pertti Keinonen wrote:

>
> green@FreeBSD.org (Brian F. Feldman) writes:
>
> > It's "out with the bad, in with the good." Pidentd code is pretty terrible.
> > The only security concerns with my code were wrt FAKEID, and those were
> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> > be read.) If anyone wants to audit my code for security, I invite them to.
>
> Did you mean to avoid reading through symlinks using the open + fstat
> method mentioned earlier in the thread?

No, I meant to avoid opening a file the user couldn't, or reading from a dev.

>
> I thought I'd misunderstood, that you had to be discussing something
> else, since you and whoever else was involved both agreed that open +
> fstat is sufficient, and I thought that several people can't possibly
> be so completely confused.
>
> If you really want to avoid reading through symlinks, you need to
> lstat, open and fstat (the order doesn't really matter).
>

I don't care about symlinks. I care about the underlying file.

>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
>

 Brian Fundakowski Feldman      _ __ ___ ____  ___ ___ ___
 green@FreeBSD.org                   _ __ ___ | _ ) __|   \
     FreeBSD: The Power to Serve!        _ __ | _ \._ \ |) |
       http://www.FreeBSD.org/              _ |___/___/___/
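
The two checks argued over in this message, side by side, as an added example that is not code from the identd under discussion or from either poster. `open_checked` and its mode constants are hypothetical names: open + fstat alone rejects devices but follows symlinks, while lstat + open + fstat also rejects a path that is, or is swapped for, a symlink.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

enum { CHECK_FSTAT_ONLY = 0, CHECK_LSTAT_TOO = 1 };  /* hypothetical modes */

/* Open `path` read-only; return an fd >= 0, or -1 if rejected or on error. */
int open_checked(const char *path, int mode)
{
    struct stat lst = {0}, fst;
    int fd;

    if (mode == CHECK_LSTAT_TOO) {
        /* lstat() describes the name itself, so a symlink shows up here. */
        if (lstat(path, &lst) == -1 || !S_ISREG(lst.st_mode))
            return -1;
    }

    /* O_NONBLOCK keeps open() from hanging on a FIFO or tty. */
    fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd == -1)
        return -1;

    /* fstat() describes what was really opened: no devices, FIFOs, dirs. */
    if (fstat(fd, &fst) == -1 || !S_ISREG(fst.st_mode)) {
        close(fd);
        return -1;
    }

    /* The opened object must be the one lstat() saw, or the path changed
     * between the two calls. */
    if (mode == CHECK_LSTAT_TOO &&
        (lst.st_dev != fst.st_dev || lst.st_ino != fst.st_ino)) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_checked(argc > 1 ? argv[1] : "/dev/null", CHECK_LSTAT_TOO);
    printf("%s\n", fd >= 0 ? "accepted" : "rejected");
    if (fd >= 0)
        close(fd);
    return 0;
}
```

Neither mode addresses the other concern raised in the message, opening a file the user could not open; that depends on the credentials the daemon holds when it calls open().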