On Tue, 13 Jul 1999, Ian Dowse wrote:
> In message <pine.bsf.4.10.9907130946220.76301-100...@janus.syracuse.net>,
> "Bria
> n F. Feldman" writes:
> >On 13 Jul 1999, Ville-Pertti Keinonen wrote:
> >
> >>
> >> gr...@freebsd.org (Brian F. Feldman) writes:
> >>
> >> > It's "out with the bad, in with the good." Pidentd code is pretty
> >> > terrible
> >.
> >> > The only security concerns with my code were wrt FAKEID, and those were
> >> > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't
> >> > be read.) If anyone wants to audit my code for security, I invite them
> >> > to.
> >>
> >> Did you mean to avoid reading through symlinks using the open + fstat
> >> method mentioned earlier in the thread?
> >
> >No, I meant to avoid opening a file the user couldn't, or reading from a dev.
>
> Why not actually store the fake ID in a symbolic link? That way you just
> do a readlink(), which would be safer, neater and faster than reading a
> file. A user can set up a fake ID with something like:
>
> ln -s "Warm-Fuzzy" .fakeid
Hysterical raisins. ~/.fakeid being a text file is how it's always been done.
That would be a better idea if I didn't mind confusing the hell out of
people :)
>
> Ian
>
Brian Fundakowski Feldman _ __ ___ ____ ___ ___ ___
gr...@freebsd.org _ __ ___ | _ ) __| \
FreeBSD: The Power to Serve! _ __ | _ \._ \ |) |
http://www.FreeBSD.org/ _ |___/___/___/
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-hackers" in the body of the message
