access() is a security hole?
From: The Anarcat (anarcat@anarcat.ath.cx)
Date: 10/08/02
- Next message: Jan Grant: "Re: access() is a security hole?"
- Previous message: Matt Piechota: "Re: Sniffer nic"
- Next in thread: Jan Grant: "Re: access() is a security hole?"
- Reply: Jan Grant: "Re: access() is a security hole?"
- Maybe reply: The Anarcat: "Re: access() is a security hole?"
- Reply: The Anarcat: "Re: access() is a security hole?"
- Reply: Ricardo Anguiano: "Re: access() is a security hole?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 8 Oct 2002 14:32:27 -0400 From: The Anarcat <anarcat@anarcat.ath.cx> To: FreeBSD Security Issues <FreeBSD-security@FreeBSD.ORG>
The access(2) manpage mentions an obscure security hole in
access(2). How so?
"
CAVEAT
Access() is a potential security hole and should never be used.
"
This seems to have been part of the manpage forever, or so to speak,
so I really wonder what it's talking about. :) And if it's really that
serious of a security hole, why isn't there a compiler warning similar
to the use of mktemp() when linking against it?
Thanks,
A.
-- Stop the bombings. Stop the murders. Anti-war.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Jan Grant: "Re: access() is a security hole?"
- Previous message: Matt Piechota: "Re: Sniffer nic"
- Next in thread: Jan Grant: "Re: access() is a security hole?"
- Reply: Jan Grant: "Re: access() is a security hole?"
- Maybe reply: The Anarcat: "Re: access() is a security hole?"
- Reply: The Anarcat: "Re: access() is a security hole?"
- Reply: Ricardo Anguiano: "Re: access() is a security hole?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
