From owner-freebsd-hackers Sat Mar 31 9:27:48 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id 65D3C37B719 for ; Sat, 31 Mar 2001 09:27:46 -0800 (PST) (envelope-from wmoran@iowna.com) Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f2VHOxw23273; Sat, 31 Mar 2001 12:24:59 -0500 (EST) Message-ID: <3AC6129C.3E5BDC01@iowna.com> Date: Sat, 31 Mar 2001 12:23:40 -0500 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: Rick Bradley Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Security problems with access(2)? References: <3AC60925.7CF191FA@iowna.com> <20010331110248.A28931@negwo.roundeye.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Rick Bradley wrote: > > * Bill Moran (wmoran@iowna.com) [010331 10:48]: > [...] > > Does anyone have a pointer to more detailed information on the potential > > security hole in access()? I've got a bit more research to do on this, > > but I'd appreciate any pointers to speed me along. > > I'd say they docs are referring to the potential race condition: > > - Program calls access() to see if user has authority to open > a file and gets an affirmative result > - User swaps file with another file (say a link to the password > file) > - Program calls open() on the file, which has been replaced since > the call to access() > > If the program is running with more privileges than the user this > is a truck-sized hole (or at least SUV-sized). Ahhh ... I'd call that an aircraft-carrier sized hole. I hadn't even considered that possibility. The good news, however, is that it doesn't present any security concerns in the context I'll be using - since the program runs as the local user. Thanks, Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message