-x implementations

Larry Wall lwall at jpl-devvax.JPL.NASA.GOV
Wed Feb 6 06:35:13 AEST 1991


The words "access()" and "security" should not be uttered in the same breath.

Any system call that uses filenames to check permissions is insecure unless
the operation you're checking permissions for is built into the same system
call.  Don't use stat() and then open(), for instance.  You have no guarantee
that the file you're opening is the same file that you stat'ed.  Use open(),
and then fstat() the descriptor, which is not subject to spoofing like
filenames are.  Don't close the file and then reopen it, either.

Larry Wall
lwall at jpl-devvax.jpl.nasa.gov
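
The open()-then-fstat() pattern described in the message above, as an added C example that is not part of the original post. The helper name `open_checked` and its policy (regular file, expected owner, not group- or world-writable) are assumptions chosen for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open `path` read-only and validate the object that was
 * actually opened. Returns a descriptor, or -1 with errno set. */
int open_checked(const char *path, uid_t want_owner, struct stat *st_out)
{
    struct stat st;
    /* O_NONBLOCK keeps open() from hanging if the name refers to a FIFO. */
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;

    /* fstat() describes the descriptor, so renaming or replacing the name
     * after this point cannot change the answer. */
    if (fstat(fd, &st) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    /* Example policy (an assumption): regular file, owned by want_owner,
     * not writable by group or other. */
    if (!S_ISREG(st.st_mode) || st.st_uid != want_owner ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd);
        errno = EACCES;
        return -1;
    }
    if (st_out)
        *st_out = st;
    return fd;   /* keep using this descriptor; do not reopen by name */
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s file\n", argv[0]); return 2; }
    int fd = open_checked(argv[1], getuid(), NULL);
    if (fd < 0) { perror(argv[1]); return 1; }
    char buf[256];
    ssize_t n = read(fd, buf, sizeof buf);   /* same object that was checked */
    printf("read %zd bytes from the checked descriptor\n", n);
    close(fd);
    return 0;
}
```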


