Site Navigation

Date:      26 Nov 2003 12:35:06 -0500
From:      Lowell Gilbert <freebsd-security-local@be-well.ilk.org>
To:        Mike Tancsa <mike@sentex.net>
Cc:        freebsd-security@freebsd.org
Subject:   Re: perms of /dev/uhid0
Message-ID:  <44u14rnid1.fsf@be-well.ilk.org>
In-Reply-To: <6.0.1.1.0.20031126112219.045d4668@209.112.4.2>
References:  <6.0.1.1.0.20031126101602.06e8e9f0@209.112.4.2> <20031126102631.L16087@cithaeron.argolis.org> <6.0.1.1.0.20031126104757.034e1988@209.112.4.2> <6.0.1.1.0.20031126112219.045d4668@209.112.4.2>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Mike Tancsa <mike@sentex.net> writes:

>          if (!(pwent = getpwnam("nobody")))
>          {
>                  fprintf(stderr, "There must be a user called nobody
> for this program to work!");
>                  exit(1);
>          }

It would be safer to create a different user specifically for this
purpose.  Otherwise, something else running as nobody might have
access to more privileges than it was intended for...

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44u14rnid1.fsf>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact