* Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
[...]
> Does anyone have a pointer to more detailed information on the potential
> security hole in access()? I've got a bit more research to do on this,
> but I'd appreciate any pointers to speed me along.

I'd say the docs are referring to the potential race condition:

 - Program calls access() to see if user has authority to open
   a file and gets an affirmative result
 - User swaps file with another file (say a link to the password
   file)
 - Program calls open() on the file, which has been replaced since
   the call to access()

If the program is running with more privileges than the user this
is a truck-sized hole (or at least SUV-sized).

Rick
--
 Rick Bradley / http://www.roundeye.net
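
Added example, not part of the original message and not FreeBSD's own code: the access()-then-open() pattern from the list above, next to a form that closes the window by letting the kernel check the invoking user's permissions inside open() itself. The function names open_racy and open_as_real_user are made up for illustration, and the code assumes a set-uid/set-gid program whose saved IDs allow it to switch back.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* The pattern from the message: check, then use. Between the two calls
 * the path can be re-pointed, so open() may act on a different file
 * than the one access() approved. Kept only for comparison. */
int open_racy(const char *path)
{
    if (access(path, R_OK) != 0)       /* checked with the real IDs */
        return -1;
    return open(path, O_RDONLY);       /* opened with the effective IDs */
}

/* Hardened form: no separate check. Switch the effective IDs to the
 * real (invoking) user's so the kernel applies that user's permissions
 * during open(), then switch back. */
int open_as_real_user(const char *path)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd;

    /* Group first: with an unprivileged effective UID, setegid() may fail. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) != 0) {
        if (setegid(saved_egid) != 0)
            abort();
        return -1;
    }
    fd = open(path, O_RDONLY);         /* check and use are one step */
    /* Restore in reverse order; never continue half-switched. */
    if (seteuid(saved_euid) != 0 || setegid(saved_egid) != 0)
        abort();
    return fd;
}

int main(int argc, char **argv)
{
    int fd = argc > 1 ? open_as_real_user(argv[1]) : -1;
    printf("%s\n", fd >= 0 ? "opened as real user" : "refused");
    if (fd >= 0)
        close(fd);
    return fd >= 0 ? 0 : 1;
}
```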
