Pavel Kankovsky wrote: > > On Fri, 6 Jul 2001, 3APA3A wrote: > > > ... and the problem is definitely in software, not in operation > > system, because operation system behaves exactly as expected and > > documented. > > But it is still OS's problem when the specification / documentation it > conforms to is braindead. Adding implicit entries for devices into EVERY > directory is definitely braindead. > > BTW: What will happen when Joe Luser creates a file called XYZ on day 1, > installs a device driver called XYZ--adding XYZ to the list of magical > filenames--on day 2, and tries to access XYZ on day 3? Inquiring minds > want to know... He will access the device. This is documented in the book "Undocumented Dos" (author, editor, press I don't remember). In the early days of DOS, there was a reason why this was done. But I don't remember that either. I should probably dig out my copy of this book... "Scandisk" and similar tools will rename the file (using God knows what API) if they come across it during a scan. > > if( GetFileType(hFile) != FILE_TYPE_DISK ) { > > lstrcpy( lpszPath, TEXT("Invalid File Type") ); > > return( 0 ); > > } > [...] > > Checks like this must be in "best coding practice", because even if > > security is not in question user can specify special device name by > > accident. > > Unfortunately, a user can specify such a name deliberately in order to do > something meaningful (e.g. the old good "copy con filename"). Adding such > a check to programs interpreting filenames given by an untrusted party is > probably a good idea (both on MS Windows and unix-like OSes) but it is a > more a desperate attempt to circumvent the lack of a better mechanism than > "the best coding practice." > > BTW2: GetFileType() seems to take a handle as its argument, i.e. the > caller must already have called OpenFile() in order to be able to use > it--and call CloseFile() (CloseHandle()?) afterwards. Are OpenFile() and > CloseFile() guaranteed to be free of dangerous side effects? > > --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] > "Resistance is futile. Open your source code and prepare for assimilation." -- djenkinsat_private Universal Savings Bank. Security Administrator, Unix Administrator, Alpha Geek The three most dangerous things are a programmer with a soldering iron, a manager who codes, and a user who gets ideas.
This archive was generated by hypermail 2b30 : Mon Jul 09 2001 - 10:37:48 PDT