Rick Bradley wrote:
>
> * Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
> [...]
> > Does anyone have a pointer to more detailed information on the potential
> > security hole in access()? I've got a bit more research to do on this,
> > but I'd appreciate any pointers to speed me along.
>
> I'd say the docs are referring to the potential race condition:
>
> - Program calls access() to see if user has authority to open
> a file and gets an affirmative result
> - User swaps file with another file (say a link to the password
> file)
> - Program calls open() on the file, which has been replaced since
> the call to access()
>
> If the program is running with more privileges than the user this
> is a truck-sized hole (or at least SUV-sized).

Ahhh ... I'd call that an aircraft-carrier sized hole. I hadn't even
considered that possibility.

The good news, however, is that it doesn't present any security concerns
in the context I'll be using - since the program runs as the local user.

Thanks,
Bill
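
Added example, not part of the original messages: the access()-then-open() sequence described in the thread next to a form that leaves no gap between check and use. The function names and the default path in main() are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern from the thread: check and use are two separate path lookups. */
int open_racy(const char *path)
{
    if (access(path, R_OK) != 0)   /* checked against the real uid */
        return -1;
    return open(path, O_RDONLY);   /* opened with the effective uid */
}

/* Hardened form (hypothetical helper): no separate check. Open as the
 * invoking user so the kernel checks permission during the open itself,
 * refuse a symlink as the final component, then inspect the descriptor. */
int open_as_real_user(const char *path)
{
    uid_t saved = geteuid();
    struct stat st;
    int fd, err;
    if (seteuid(getuid()) != 0)    /* drop to the real uid */
        return -1;
    fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    err = errno;
    if (seteuid(saved) != 0) {     /* restore; fail closed if that fails */
        if (fd >= 0) close(fd);
        return -1;
    }
    if (fd < 0) { errno = err; return -1; }
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);                 /* not a regular file: reject */
        errno = EINVAL;
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_as_real_user(argc > 1 ? argv[1] : "/etc/hosts");
    if (fd < 0) { perror("open_as_real_user"); return EXIT_FAILURE; }
    puts("opened as the invoking user");
    close(fd);
    return EXIT_SUCCESS;
}
```

A setgid program needs the same treatment for the effective gid, and O_NOFOLLOW only covers the last path component, not symlinks in parent directories.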