From owner-freebsd-questions Sat Mar 31 6:51:56 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cgmd76206.chello.nl (d9168.upc-d.chello.nl [213.46.9.168]) by hub.freebsd.org (Postfix) with ESMTP id 8AE9137B71A for ; Sat, 31 Mar 2001 06:51:53 -0800 (PST) (envelope-from edwin@cgmd76206.chello.nl) Received: by cgmd76206.chello.nl (Postfix, from userid 1001) id E0F88274; Sat, 31 Mar 2001 16:51:51 +0200 (CEST) Date: Sat, 31 Mar 2001 16:51:51 +0200 From: Edwin Groothuis To: Bill Moran Cc: freebsd-questions@freebsd.org Subject: Re: access() system call Message-ID: <20010331165151.J490@cgmd76206.chello.nl> Mail-Followup-To: Edwin Groothuis , Bill Moran , freebsd-questions@freebsd.org References: <3AC5EAFA.C8D4E301@iowna.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3AC5EAFA.C8D4E301@iowna.com>; from wmoran@iowna.com on Sat, Mar 31, 2001 at 09:34:34AM -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Mar 31, 2001 at 09:34:34AM -0500, Bill Moran wrote: > In the man page for the access(2) syscall, it states "access() is a > potential security hole and should never be used." > > I have 3 questions regarding this: > > 1. What should I use instead? stat(2). It's in the SEE ALSO section of the man-page. > 2. Is there any more information on why access() is such a terrible > security hole? I'm also wondering about it. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: ------------------+ http://FatalDimensions.nl.eu.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message