On 13 Jul 1999, Ville-Pertti Keinonen wrote:
>
> gr...@freebsd.org (Brian F. Feldman) writes:
>
> > It's "out with the bad, in with the good." Pidentd code is pretty terrible.
> > The only security concerns with my code were wrt FAKEID, and those were
> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> > be read.) If anyone wants to audit my code for security, I invite them to.
>
> Did you mean to avoid reading through symlinks using the open + fstat
> method mentioned earlier in the thread?
No, I meant to avoid opening a file the user couldn't, or reading from a dev.
>
> I thought I'd misunderstood, that you had to be discussing something
> else, since you and whoever else was involved both agreed that open +
> fstat is sufficient, and I thought that several people can't possibly
> be so completely confused.
>
> If you really want to avoid reading through symlinks, you need to
> lstat, open and fstat (the order doesn't really matter).
>
I don't care about symlinks. I care about the underlying file.
>
> To Unsubscribe: send mail to majord...@freebsd.org
> with "unsubscribe freebsd-hackers" in the body of the message
>
Brian Fundakowski Feldman _ __ ___ ____ ___ ___ ___
gr...@freebsd.org _ __ ___ | _ ) __| \
FreeBSD: The Power to Serve! _ __ | _ \._ \ |) |
http://www.FreeBSD.org/ _ |___/___/___/
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
