On Sun, Apr 14, 2013 at 9:48 AM, Pétur Ingi Egilsson <pe...@petur.eu> wrote: > The general understanding by users, be it right or wrong, is that whenever a > files' permission is changed, then the effect is immediate everywhere in the > system. > This wrong metal model _could_ result in malicious access to a file. > > I merely wanted to bring the issue to your attention. > > - pétur >
As des said earlier, this model is essential for doing things in a secure manner. An analogy would be sockets, if you drop privileges after binding to a privileged socket, should you lose access to the socket? Of course not. The only thing that is relevant is whether you had permission to open the file/bind the socket at the point you did it. After that, the fd/socket is all yours, regardless. Cheers Tom _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
