Re: [PATCH] fcntl.h: define AT_EACCESS

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: David Wagner

Subject: Re: [PATCH] fcntl.h: define AT_EACCESS

Date: Monday, April 19, 2010 - 3:20 pm

Can you share some justification why it's worth extending
faccessat() with new options?

Isn't faccessat() insecure in most use cases, due to TOCTTOU
(time-of-check to time-of-use) vulnerabilities?  When faccessat()
returns 0, you learn that at some point in the past, the process had
permission to access a given file, though the process may or may not
have permission at the moment.  Why is that a useful thing to know?

I'm sure you're familiar with all the standard arguments why using
access() tends to represent a security vulnerability.  Is there a reason
why similar arguments do not apply to faccessat()?
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] fcntl.h: define AT_EACCESS, maximilian attems, (Thu Apr 15, 8:08 pm)

Re: [PATCH] fcntl.h: define AT_EACCESS, Andrew Morton, (Mon Apr 19, 2:47 pm)

Re: [PATCH] fcntl.h: define AT_EACCESS, maximilian attems, (Mon Apr 19, 2:57 pm)

Re: [PATCH] fcntl.h: define AT_EACCESS, Ulrich Drepper, (Mon Apr 19, 3:10 pm)

Re: [PATCH] fcntl.h: define AT_EACCESS, H. Peter Anvin, (Mon Apr 19, 3:11 pm)

Re: [PATCH] fcntl.h: define AT_EACCESS, David Wagner, (Mon Apr 19, 3:20 pm)


linux-kernel:
Michael Trimarchi	Re: [PATCH] VFS: make file->f_pos access atomic on 32bit arch
Miklos Szeredi	[patch 14/15] vfs: more path_permission() conversions
Serge E. Hallyn	Re: [RFC v5][PATCH 7/8] Infrastructure for shared objects
Bernd Schmidt	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Takashi Iwai	[PATCH 2/2] input: Add LED support to Synaptics device
git:
Junio C Hamano	Re: mingw, windows, crlf/lf, and git
Eyvind Bernhardsen	Re: Where has "git ls-remote" reference pattern matching gone?
Shawn O. Pearce	Re: Switching from CVS to GIT
Todd Zullinger	Re: [PATCH 2/2] send-email: rfc2047-quote subject lines with non-ascii characters
Santi Béjar	Re: How to use git-fmt-merge-msg?
linux-netdev:
Ramkrishna Vepa	[net-2.6 PATCH 1/10] Neterion: New driver: Driver help file
Mark Anthony	invitation / inquiry
Ingo Molnar	Re: [PATCH 08/16] dma-debug: add core checking functions
David Miller	Re: [PATCH 1/3] f_phonet: dev_kfree_skb instead of dev_kfree_skb_any in TX callback
Sascha Hauer	[PATCH 03/12] fec: do not typedef struct types
git-commits-head:
Linux Kernel Mailing List	amba: struct device - replace bus_id with dev_name(), dev_set_name()
Linux Kernel Mailing List	MIPS: Yosemite: Convert SMP startup lock to arch spinlock.
Linux Kernel Mailing List	ARM: S5PC100: IRQ and timer
Linux Kernel Mailing List	davinci: edma: clear interrupt status for interrupt enabled channels only
Linux Kernel Mailing List	x86, mm, kprobes: fault.c, simplify notify_page_fault()
openbsd-misc:
Daniel A. Ramaley	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?
Matthias Kilian	Re: can't get vesa @ 1280x800 or nv
Tobias Ulmer	Re: Problem after upgrade 4.5 to 4.6: ERR M
Philip Guenther	Re: SIGCHLD and libpthread.so
J.C. Roberts	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?