|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: access(2)--a security hole?
Justin Mason (jmason
iona.ie)Fri, 21 Oct 1994 11:50:02 +0100
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Jeremy Epstein -C2 PROJECT: "Re: access(2)--a security hole?"
- Previous message: Charles Howes: "Re: R utilities, addresses, etc."
- In reply to: Jonathan M. Bresler: "access(2)--a security hole?"
- Next in thread: Dave Goldberg: "Re: access(2)--a security hole?"
In your message of Thu, 20 Oct 1994 21:41:48 BST, you say: >the FreeBSD man page for access(2) includes a section titled "CAVEAT" >which says that "Access() is a potential security hole and should never >be used." hmmm..... access(2) uses the REAL uid, not the EFFECTIVE uid when testing permissions. The idea is that, when you write a setuid program, you can check to see if the user has permission to access a file while you have euid==root. Eg. real uid = user eff uid = root The problem I found with using access is that it's actually easier just to flip real and effective uids, test writability, open the file, etc. then flip the uids back. If you use normal code, you only have to worry about the effective uid; however, if you use access(), you have to worry about both real and eff uid. Actually, that's not really a security hole, just additional complexity. Maybe access() on FreeBSD is a different matter. At least, the access manpages on sunos and solaris don't mention any holes... --j.
- Next message: Jeremy Epstein -C2 PROJECT: "Re: access(2)--a security hole?"
- Previous message: Charles Howes: "Re: R utilities, addresses, etc."
- In reply to: Jonathan M. Bresler: "access(2)--a security hole?"
- Next in thread: Dave Goldberg: "Re: access(2)--a security hole?"