From owner-freebsd-questions Sat Mar 31 9:58:42 2001 Delivered-To: freebsd-questions@freebsd.org Received: from dire.bris.ac.uk (dire.bris.ac.uk [137.222.10.60]) by hub.freebsd.org (Postfix) with ESMTP id DBC1237B719 for ; Sat, 31 Mar 2001 09:58:35 -0800 (PST) (envelope-from Jan.Grant@bristol.ac.uk) Received: from mail.ilrt.bris.ac.uk by dire.bris.ac.uk with SMTP-PRIV with ESMTP; Sat, 31 Mar 2001 18:58:28 +0100 Received: from cmjg (helo=localhost) by mail.ilrt.bris.ac.uk with local-esmtp (Exim 3.16 #1) id 14jPcH-000356-00; Sat, 31 Mar 2001 18:56:49 +0100 Date: Sat, 31 Mar 2001 18:56:49 +0100 (BST) From: Jan Grant To: Bill Moran Cc: Paul Herman , freebsd-questions Subject: Re: access() system call In-Reply-To: <3AC60321.E043BFAA@iowna.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 31 Mar 2001, Bill Moran wrote: > Paul Herman wrote: > > > > On Sat, 31 Mar 2001, Edwin Groothuis wrote: > > > > > > 2. Is there any more information on why access() is such a terrible > > > > security hole? > > > > > > I'm also wondering about it. > > > > Just a hunch, but maybe because of a possible race condition between > > checking for a file's existence and opening it for use. fstat(2) is > > already passed an open file descriptor so you get the real McCoy. > > > > The stat(2) and access(2) system calls look as if they do pretty much > > the same to me, perhaps stat(2) should also carry such a warning in > > the manpage? > > Interesting, albiet only speculation. 'Tis truth; th file you're dealing with may change between access and open. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287163 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk I am now available for general use under a modified BSD licence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message