Date: Sat, 31 Mar 2001 10:25:03 -0700 From: Warner Losh <imp@harmony.village.org> To: Bill Moran <wmoran@iowna.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Security problems with access(2)? Message-ID: <200103311726.f2VHQIO13750@harmony.village.org> In-Reply-To: Your message of "Sat, 31 Mar 2001 11:43:17 EST." <3AC60925.7CF191FA@iowna.com> References: <3AC60925.7CF191FA@iowna.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <3AC60925.7CF191FA@iowna.com> Bill Moran writes:
: I'm a little confused here, if access() is such a serious security
: problem that it should _never_ be used, do we now have a major problem
: with a large amount of software in the base system?
Access(2) can be raced. If you say access("fred") and then later open
fread, between the two calls, fred may refer to different files and
you would be tricked into opening a file that you shouldn't have
otherwise opened.
Warner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103311726.f2VHQIO13750>