Re: Why you should avoid world-writable directories

From: Jason Thorpe (thorpejat_private)
Date: Thu Dec 24 1998 - 00:50:48 PST

Next message: Guido van Rooij: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"

Previous message: Casper Dik: "Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules"
Maybe in reply to: D. J. Bernstein: "Why you should avoid world-writable directories"
Next in thread: Jason Thorpe: "Re: Why you should avoid world-writable directories"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 23 Dec 1998 09:28:35 +1100
 Darren Reed <avalonat_private> wrote:

 > In a way, that is exactly the type of thing he is referring to, BUT,
 > LOCAL_CREDS must be supplied to be received as opposed to just "looked up"
 > with getpeeruid() (my understanding anyway).

Yes, they are a control message.  This works well for SOCK_DGRAM, but
not as well for SOCK_STREAM, since w/ SOCK_STREAM you can connect and
then never send any data, thus the task wanting the credentials never
gets them.

I've considered making SOCK_STREAM credentials available once the connect
has completed, in the NetBSD implementation.

Jason R. Thorpe                                       thorpejat_private
NASA Ames Research Center                            Home: +1 408 866 1912
NAS: M/S 258-5                                       Work: +1 650 604 0935
Moffett Field, CA 94035                             Pager: +1 650 940 5942

Next message: Guido van Rooij: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Previous message: Casper Dik: "Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules"
Maybe in reply to: D. J. Bernstein: "Why you should avoid world-writable directories"
Next in thread: Jason Thorpe: "Re: Why you should avoid world-writable directories"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:12 PDT