From owner-freebsd-security Tue Oct 8 13:38:52 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCE5437B401 for ; Tue, 8 Oct 2002 13:38:49 -0700 (PDT) Received: from aeimail.aei.ca (aeimail.aei.ca [206.123.6.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B0EF43E77 for ; Tue, 8 Oct 2002 13:38:48 -0700 (PDT) (envelope-from anarcat@anarcat.ath.cx) Received: from shall.anarcat.ath.cx (gaxoqlq4sqchft2n@dsl-131-25.aei.ca [66.36.131.25]) by aeimail.aei.ca (8.11.6/8.10.1) with ESMTP id g98KcfM25474; Tue, 8 Oct 2002 16:38:41 -0400 (EDT) Received: from lenny.anarcat.ath.cx (lenny.anarcat.ath.cx [192.168.0.4]) by shall.anarcat.ath.cx (Postfix) with SMTP id DE04D342; Tue, 8 Oct 2002 16:44:20 -0400 (EDT) Received: by lenny.anarcat.ath.cx (sSMTP sendmail emulation); Tue, 8 Oct 2002 16:37:59 -0400 Date: Tue, 8 Oct 2002 16:37:59 -0400 From: The Anarcat To: Fernando Schapachnik Cc: FreeBSD Security Issues Subject: Re: access() is a security hole? Message-ID: <20021008203759.GD309@lenny.anarcat.ath.cx> Mail-Followup-To: Fernando Schapachnik , FreeBSD Security Issues References: <20021008183227.GC309@lenny.anarcat.ath.cx> <20021008154204.D56601@ns1.via-net-works.net.ar> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="bajzpZikUji1w+G9" Content-Disposition: inline In-Reply-To: <20021008154204.D56601@ns1.via-net-works.net.ar> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --bajzpZikUji1w+G9 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue Oct 08, 2002 at 03:42:04PM -0300, Fernando Schapachnik wrote: > En un mensaje anterior, The Anarcat escribi=F3: > > The access(2) manpage mentions an obscure security hole in > > access(2). How so? > >=20 > > " > > CAVEAT > > Access() is a potential security hole and should never be used. >=20 > It might have to do with the fact that file permissions can change > between the access() call and the open() call. The preferred way is > to use fstat() that takes an open fd. Just what I thought. The man page should be more precise. The way I read it, there is a security bug in access(2) which is not the case. I'll try to come up with an update to the manpage. A. --=20 Advertisers, not governments, are the primary censors of media content=20 in the United States today. - C. Edwin Baker http://www.ad-mad.co.uk/quotes/freespeech.htm --bajzpZikUji1w+G9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9o0InttcWHAnWiGcRAqU1AKCMo8PebN36m3nWaA1j/vSixKnEvwCgl47F aP4pjDDUypRPinu7v4cu7io= =ILAR -----END PGP SIGNATURE----- --bajzpZikUji1w+G9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message