Date: Mon, 27 Nov 2000 10:37:36 -0800 From: Alfred Perlstein <bright@wintelcom.net> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: "Brian F. Feldman" <green@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/inetd builtins.c Message-ID: <20001127103736.H8051@fw.wintelcom.net> In-Reply-To: <200011271508.KAA94135@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Mon, Nov 27, 2000 at 10:08:36AM -0500 References: <green@FreeBSD.org> <200011270405.eAR45H578642@green.dyndns.org> <200011270450.eAR4oG579042@green.dyndns.org> <200011271508.KAA94135@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
* Garrett Wollman <wollman@khavrinen.lcs.mit.edu> [001127 07:08] wrote: > <<On Sun, 26 Nov 2000 23:50:11 -0500, "Brian F. Feldman" <green@FreeBSD.org> said: > > > permissions and have getfh() respect my current effective credentials while > > letting me use it because I'm "really" root. > > getfh() requires appropriate privilege because file handles are > effectively capabilities -- posession of the handle, from an NFS > server, allows one to bypass all access-control checks. (It's one of > the reasons NFS is so insecure.) With knowledge of how the system > constructs file handles, it is potentially possible to access files > which would not be accessible otherwise. Basically one can spin in a tight loop guessing filehandles locally and open any file, it is somewhat constrained by permissions however since you're effectively bypassing the directory structure of the system you may be able to get into a directory that you shouldn't be in. Hence the restriction that only root can use this interface. On a side note, why isn't O_NOFOLLOW(sp?) not documented in open(2). Are there any other flags not documented and if possible can I get a short and concise summary of them so that I can update the manpage? thanks, -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001127103736.H8051>