Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 27 Mar 1997 14:50:32 +1100
From:      Bruce Evans <bde@zeta.org.au>
To:        peter@spinner.dialix.com, phk@critter.dk.tfs.com
Cc:        ache@nagual.ru, cvs-all@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-lib@freefall.freebsd.org, fenner@parc.xerox.com, imp@village.org
Subject:   Re: cvs commit: src/lib/libtermcap pathnames.h termcap.c
Message-ID:  <199703270350.OAA06953@godzilla.zeta.org.au>

next in thread | raw e-mail | index | archive | help
>> Well, access_as(2) alone will not do it, you would need a open_as(2),
>> unlink_as(2), rename_as(2) and so on...
>
>Err, yeah.  I knew that.. :-)  Please ignore my previous simplistic reply 
>about access. :-).  With setfsuid() etc in a setuid process, you'd do
>this: 
>
>setfsuid(getuid());
>fd = open(..)
>setfsuid(geteuid());

You could also add warnings:

	warning: this program uses access(), which is unsafe.

access() would be unsafer than now, since the effective fs uuid would be
more variable.

And while we're here:

	warning: this program uses tmpfile(), which is unsafe.
	warning: this program uses tmpnam(), which is unsafe.
	warning: this program uses tempnam(), which is unsafe.
	warning: this program uses mktemp(), which is unsafe.
	warning: this program uses mkstemp(), which is yet another wrong
	         interface (it should allow setting the open mode).

Bruce



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703270350.OAA06953>