From owner-freebsd-hackers Fri Sep 7 2:56:43 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from ranger.acns.ab.ca (h24-68-206-125.sbm.shawcable.net [24.68.206.125]) by hub.freebsd.org (Postfix) with ESMTP id CF90E37B406 for ; Fri, 7 Sep 2001 02:56:39 -0700 (PDT) Received: from colnta.acns.ab.ca (colnta [192.168.1.2]) by ranger.acns.ab.ca (8.11.6/8.11.3) with ESMTP id f8790RN09239 for ; Fri, 7 Sep 2001 03:00:28 -0600 (MDT) (envelope-from davidc@colnta.acns.ab.ca) Received: (from davidc@localhost) by colnta.acns.ab.ca (8.11.6/8.11.3) id f876Ufj61084 for hackers@freebsd.org; Fri, 7 Sep 2001 00:30:41 -0600 (MDT) (envelope-from davidc) Date: Fri, 7 Sep 2001 00:30:41 -0600 From: Chad David To: hackers@freebsd.org Subject: ipfw and access Message-ID: <20010907003041.A61061@colnta.acns.ab.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I was just wondering about the caveat in that access(2) man page that says that access is a potential security hole and should never be used, and the fact that ipfw calls it on line 2435. I seem to recall a discussion about this a few months ago, but I don't really remember the details... and the irony of ipfw calling a documented "should never be used" function got my attention. Is this really a problem, or is the man page paranoid? Thanks -- Chad David davidc@acns.ab.ca ACNS Inc. Calgary, Alberta Canada I applied the patch twice, and it still doesn't work! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message