In message <pine.bsf.4.10.9907130946220.76301-100...@janus.syracuse.net>, "Bria
n F. Feldman" writes:
>On 13 Jul 1999, Ville-Pertti Keinonen wrote:
>
>>
>> gr...@freebsd.org (Brian F. Feldman) writes:
>>
>> > It's "out with the bad, in with the good." Pidentd code is pretty terrible
>.
>> > The only security concerns with my code were wrt FAKEID, and those were
>> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
>> > be read.) If anyone wants to audit my code for security, I invite them to.
>>
>> Did you mean to avoid reading through symlinks using the open + fstat
>> method mentioned earlier in the thread?
>
>No, I meant to avoid opening a file the user couldn't, or reading from a dev.
Why not actually store the fake ID in a symbolic link? That way you just
do a readlink(), which would be safer, neater and faster than reading a
file. A user can set up a fake ID with something like:
ln -s "Warm-Fuzzy" .fakeid
Ian
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
