From owner-freebsd-hackers Tue Jul 13 12: 4:48 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id 4A49414ED7; Tue, 13 Jul 1999 12:04:45 -0700 (PDT) (envelope-from iedowse@maths.tcd.ie) Received: from hamilton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 13 Jul 1999 20:04:45 +0100 (BST) To: "Brian F. Feldman" Cc: hackers@FreeBSD.org Subject: Re: a BSD identd In-reply-to: Your message of "Tue, 13 Jul 1999 09:51:43 EDT." Date: Tue, 13 Jul 1999 20:04:45 +0100 From: Ian Dowse Message-ID: <199907132004.aa08685@salmon.maths.tcd.ie> Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message , "Bria n F. Feldman" writes: >On 13 Jul 1999, Ville-Pertti Keinonen wrote: > >> >> green@FreeBSD.org (Brian F. Feldman) writes: >> >> > It's "out with the bad, in with the good." Pidentd code is pretty terrible >. >> > The only security concerns with my code were wrt FAKEID, and those were >> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't >> > be read.) If anyone wants to audit my code for security, I invite them to. >> >> Did you mean to avoid reading through symlinks using the open + fstat >> method mentioned earlier in the thread? > >No, I meant to avoid opening a file the user couldn't, or reading from a dev. Why not actually store the fake ID in a symbolic link? That way you just do a readlink(), which would be safer, neater and faster than reading a file. A user can set up a fake ID with something like: ln -s "Warm-Fuzzy" .fakeid Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message