Date: Thu, 27 Mar 1997 14:50:32 +1100 From: Bruce Evans <bde@zeta.org.au> To: peter@spinner.dialix.com, phk@critter.dk.tfs.com Cc: ache@nagual.ru, cvs-all@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-lib@freefall.freebsd.org, fenner@parc.xerox.com, imp@village.org Subject: Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c Message-ID: <199703270350.OAA06953@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> Well, access_as(2) alone will not do it, you would need a open_as(2), >> unlink_as(2), rename_as(2) and so on... > >Err, yeah. I knew that.. :-) Please ignore my previous simplistic reply >about access. :-). With setfsuid() etc in a setuid process, you'd do >this: > >setfsuid(getuid()); >fd = open(..) >setfsuid(geteuid()); You could also add warnings: warning: this program uses access(), which is unsafe. access() would be unsafer than now, since the effective fs uuid would be more variable. And while we're here: warning: this program uses tmpfile(), which is unsafe. warning: this program uses tmpnam(), which is unsafe. warning: this program uses tempnam(), which is unsafe. warning: this program uses mktemp(), which is unsafe. warning: this program uses mkstemp(), which is yet another wrong interface (it should allow setting the open mode). Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703270350.OAA06953>