gr...@freebsd.org (Brian F. Feldman) writes: > It's "out with the bad, in with the good." Pidentd code is pretty terrible. > The only security concerns with my code were wrt FAKEID, and those were > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't > be read.) If anyone wants to audit my code for security, I invite them to.
Did you mean to avoid reading through symlinks using the open + fstat method mentioned earlier in the thread? I thought I'd misunderstood, that you had to be discussing something else, since you and whoever else was involved both agreed that open + fstat is sufficient, and I thought that several people can't possibly be so completely confused. If you really want to avoid reading through symlinks, you need to lstat, open and fstat (the order doesn't really matter). To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
