Date: 13 Jul 1999 09:58:09 +0300 From: Ville-Pertti Keinonen <will@iki.fi> To: green@FreeBSD.org (Brian F. Feldman) Cc: hackers@FreeBSD.org Subject: Re: a BSD identd Message-ID: <86908l829q.fsf@not.demophon.com> In-Reply-To: green@FreeBSD.org's message of "12 Jul 1999 22:14:21 %2B0300" References: <53426.931766563@axl.noc.iafrica.com> <Pine.BSF.4.10.9907121509580.50180-100000@janus.syracuse.net>
next in thread | previous in thread | raw e-mail | index | archive | help
green@FreeBSD.org (Brian F. Feldman) writes: > It's "out with the bad, in with the good." Pidentd code is pretty terrible. > The only security concerns with my code were wrt FAKEID, and those were > mostly fixed (mostly meaning that a symlink _may_ be opened, but it won't > be read.) If anyone wants to audit my code for security, I invite them to. Did you mean to avoid reading through symlinks using the open + fstat method mentioned earlier in the thread? I thought I'd misunderstood, that you had to be discussing something else, since you and whoever else was involved both agreed that open + fstat is sufficient, and I thought that several people can't possibly be so completely confused. If you really want to avoid reading through symlinks, you need to lstat, open and fstat (the order doesn't really matter). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86908l829q.fsf>