From owner-freebsd-questions  Sat Mar 31 13:26:52 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from dire.bris.ac.uk (dire.bris.ac.uk [137.222.10.60])
	by hub.freebsd.org (Postfix) with ESMTP id 064C637B719
	for <questions@freebsd.org>; Sat, 31 Mar 2001 13:26:50 -0800 (PST)
	(envelope-from Jan.Grant@bristol.ac.uk)
Received: from mail.ilrt.bris.ac.uk by dire.bris.ac.uk with SMTP-PRIV 
          with ESMTP; Sat, 31 Mar 2001 22:26:32 +0100
Received: from cmjg (helo=localhost)	by mail.ilrt.bris.ac.uk 
          with local-esmtp (Exim 3.16 #1)	id 14jSre-0003d0-00;
          Sat, 31 Mar 2001 22:24:54 +0100
Date: Sat, 31 Mar 2001 22:24:54 +0100 (BST)
From: Jan Grant <Jan.Grant@bristol.ac.uk>
To: Mike Meyer <mwm@mired.org>
Cc: Bill Moran <wmoran@iowna.com>, questions <questions@freebsd.org>
Subject: Re: access() system call
In-Reply-To: <15046.13882.845275.101113@guru.mired.org>
Message-ID: <Pine.GSO.4.31.0103312223350.11901-100000@mail.ilrt.bris.ac.uk>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 31 Mar 2001, Mike Meyer wrote:

> Bill Moran <wmoran@iowna.com> types:
> > This may be a question for -hackers, but I'll try here first.
> >
> > In the man page for the access(2) syscall, it states "access() is a
> > potential security hole and should never be used."
> >
> > I have 3 questions regarding this:
> >
> > 1. What should I use instead?
>
> As others have indicated, stat.

Or better yet, drop privs (if appropriate) and just use open(2).


-- 
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287163 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk
New Freedom of Information Act: theirs, to yours. Happy now?


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message