home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.unix.questions:9419 comp.unix.programmer:3908 comp.unix.wizards:3303
- Newsgroups: comp.unix.questions,comp.unix.programmer,comp.unix.wizards
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!eff!ibmpcug!kate.ibmpcug.co.uk!dylan
- From: dylan@ibmpcug.co.uk (Matthew Farwell)
- Subject: Re: Making ``.plan'' EXECUTE a Program ???
- Organization: The IBM PC User Group, UK.
- Date: Sat, 25 Jul 1992 10:14:02 GMT
- Message-ID: <1992Jul25.101402.13142@ibmpcug.co.uk>
- References: <1992Jul24.131605.8213@news.eng.convex.com> <1992Jul24.182737.22945@aston.ac.uk>
- Lines: 33
-
- In article <1992Jul24.182737.22945@aston.ac.uk> evansmp@uhura.aston.ac.uk (Mark Evans) writes:
- >tchrist@convex.COM (Tom Christiansen) writes:
- >: Seem to me that doing this in fingerd:
- >:
- >: if (fork) return;
- >: setuid(-2);
- >: (do file reading
- >: exit(0);
- >No this is braindead.
- >Why?
- >this means that user id -2 must have read access to the file.
- >this means that the users dir must be searchable by anyone.
-
- It has to anyway. You mean you don't want other people on your machine
- to be able to finger you?
-
- >You might just as well run fingerd as uid -2 anyway.
-
- Agreed.
-
- >The point is that fingerd (running as root) should be able to read
- >.plan, it should however check that it is not a link to a file
- >the user shouldn't be reading.
- >Also fork is an expensive operation, a stat(2) call is much simpler.
-
- Theres a race condition if you use stat(2). Try fstat(2) instead.
- Anyway, fingerd has to fork (or at least exec), so its not any more
- expensive.
-
- Dylan.
- --
- It is no coincidence that in no known language does the phrase 'As
- pretty as an Airport' appear -- Douglas Adams
-
