Date: Fri, 11 Oct 2002 09:48:05 -0700 From: Benjamin Krueger <benjamin@seattleFenix.net> To: Ricardo Anguiano <anguiano@codesourcery.com> Cc: Chris BeHanna <behanna@zbzoom.net>, FreeBSD Security <security@FreeBSD.ORG> Subject: Re: access() is a security hole? Message-ID: <20021011164805.GA27132@surreal.seattlefenix.net> In-Reply-To: <m3r8exszf8.fsf@mordack.codesourcery.com> References: <20021011094935.I86274-100000@topperwein.pennasoft.com> <m3r8exszf8.fsf@mordack.codesourcery.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Ricardo Anguiano (anguiano@codesourcery.com) [021011 09:39]: > Chris BeHanna <behanna@zbzoom.net> writes: > > > On Fri, 11 Oct 2002, Bruce Evans wrote: > > > Setuid programs should only use access() to check whether they will > > > have permission after they set[ug]id() to the real [ug]id. Non-setuid > > > programs mostly don't need such checks. They can just try the operation. > > > > Perhaps the way to avoid the race is to open the file, lock it, > > and *then* call access(), then close the file or proceed based upon > > the result. > > What's wrong with opening the file, then using fstat to check the > properties of the file associated with the file descriptor? > > -- > Ricardo Anguiano > CodeSourcery, LLC And if you don't have sufficient permission to open the file? -- Benjamin Krueger "Everyone has wings, some folks just don't know what they're for" - B. Banzai ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021011164805.GA27132>