Date: Tue, 24 Dec 2002 09:49:49 -0500 (EST) From: Garrett Wollman <wollman@lcs.mit.edu> To: phk@FreeBSD.ORG Cc: current@FreeBSD.ORG Subject: Re: revoke(2) redux... Message-ID: <200212241449.gBOEnne5034908@khavrinen.lcs.mit.edu> In-Reply-To: <1731.1040741036@critter.freebsd.dk> References: <BA2DAFDF.17D6B%pscott@skycoast.us> <1731.1040741036@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Tue, 24 Dec 2002 15:43:56 +0100, phk@FreeBSD.ORG said:
> There is no way you can close the race between:
> revoke("/dev/ttyfoo");
> and
> open("/dev/ttyfoo");
> Not even in init(8). There is always the risk that another process
> opens the device between the two.
If that process belongs to root then it doesn't matter.
If that process belongs to the user who's logging in, then it doesn't
matter (the user can hose himself, but that's his own fault).
If that process belongs to someone else, then the permissions on the
device are set wrong, and that's a security problem that revoke()
isn't trying to fix.
-GAWollman
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212241449.gBOEnne5034908>