Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_4

Bugtraq archives for 4th quarter (Oct-Dec) 1994: access(2)--a security hole?

access(2)--a security hole?

Jonathan M. Bresler (jmbkryten.Atinc.COM)
Thu, 20 Oct 1994 21:41:48 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: *Hobbit*: "adjunct"
Previous message: Adam Shostack: "Fingerd Summary"
Next in thread: Justin Mason: "Re: access(2)--a security hole?"

the FreeBSD man page for access(2) includes a section titled "CAVEAT" 
which says that "Access() is a potential security hole and should never 
be used."

i looked into libc source and access is a typical system call--no real 
source at all, just enough assembler wrapper to generate a system call 
with the correct arguments.  the assembler is generated when libc is 
compiled through defines and other macros--real slick.

the actual syscall is executed in /sys/kern/vfs_syscalls.c, but i cant 
see why this is a hole.

can you enlighten me?

jmb 

Jonathan M. Bresler  jmbkryten.atinc.com	| Analysis & Technology, Inc.  
						| 2341 Jeff Davis Hwy
play go.					| Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life	| 703-418-2800 x346

Next message: *Hobbit*: "adjunct"
Previous message: Adam Shostack: "Fingerd Summary"
Next in thread: Justin Mason: "Re: access(2)--a security hole?"