I noticed that if I execute the following code, then the program is able to
read the file even if the files' permissions are changed around the /mark/
section in such a way that the UID under which the program is running should
not have any permission to read the file.
This is not a desirable behaviour.
How can I prevent this behaviour on my system?
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
if (argc != 2) {
printf("Usage: %s filename\n", argv[0]);
exit(EXIT_FAILURE);
}
FILE *fd;
char *line = NULL;
size_t len = 0;
fd = fopen(argv[2], "r");
/* mark */
if (fd == NULL) {
exit(EXIT_FAILURE);
}
while (getline(&line, &len, fd) != -1) {
printf("%s", line);
}
fclose(fd);
exit(EXIT_SUCCESS);
}
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
