Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 31 Mar 2001 15:43:08 -0500
From:      Bill Moran <wmoran@iowna.com>
To:        Jan Grant <Jan.Grant@bristol.ac.uk>
Cc:        freebsd-questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: access() system call
Message-ID:  <3AC6415C.CEF6162A@iowna.com>
References:  <Pine.GSO.4.31.0103311856010.11771-100000@mail.ilrt.bris.ac.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
Jan Grant wrote:
> 
> On Sat, 31 Mar 2001, Bill Moran wrote:
> 
> > Paul Herman wrote:
> > >
> > > On Sat, 31 Mar 2001, Edwin Groothuis wrote:
> > >
> > > > > 2. Is there any more information on why access() is such a terrible
> > > > > security hole?
> > > >
> > > > I'm also wondering about it.
> > >
> > > Just a hunch, but maybe because of a possible race condition between
> > > checking for a file's existence and opening it for use.  fstat(2) is
> > > already passed an open file descriptor so you get the real McCoy.
> > >
> > > The stat(2) and access(2) system calls look as if they do pretty much
> > > the same to me, perhaps stat(2) should also carry such a warning in
> > > the manpage?
> >
> > Interesting, albiet only speculation.
> 
> 'Tis truth; th file you're dealing with may change between access and
> open.

Yes, it is true, I stand corrected.
stat() would also have this possible vulnerability.
The good news is that it's safe to use for the application I need!

Thanks,
Bill

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AC6415C.CEF6162A>