>You've got it backwards. We *know* that 'access()' is fundamentally
>screwed up.
>
>BUT WHAT IF IT ACTUALLY WORKED?

No, no, it's worse than you realize. What you want is fundamentally
impossible, with the current access() interface. The
if (access()) { open(); } code sequence is inherently vulnerable to
TOCTTOU attacks (race conditions). You'd have to invent a new, secure
interface to get this right, and access() isn't it.

Haven't I explained this about five or six times now?

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
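The check-then-open sequence described in the message, beside a variant that opens first and checks the descriptor, as an added example that is not part of the original post. `open_then_check`, the `rebind` test hook, the sandbox paths and the ownership policy are assumptions for illustration, not an interface proposed in the thread.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

static char mine[64], other[64];   /* constructed: checked file, second file */
/* Hypothetical test hook: rebinds the checked name between check and use. */
static void rebind(void) { unlink(mine); if (symlink(other, mine) != 0) perror("symlink"); }

/* The sequence from the message: the path is resolved twice. */
int open_racy(const char *path, void (*between)(void))
{
    if (access(path, R_OK) != 0) return -1;   /* check: first resolution */
    if (between) between();                   /* the window */
    return open(path, O_RDONLY);              /* use: second resolution */
}

/* Resolve once, then check the object behind the descriptor (assumed policy:
 * regular file owned by uid, last component not a symlink, no FIFO blocking). */
int open_then_check(const char *path, uid_t uid, void (*between)(void))
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0) return -1;
    if (between) between();                   /* renaming cannot change fd */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && st.st_uid == uid) return fd;
    close(fd);
    return -1;
}

/* Returns 1 if the open landed on `other`, 0 if on the checked file, -1 if refused. */
int demo(int hardened)
{
    char d[] = "/tmp/tocttou-XXXXXX";
    struct stat want, got;
    if (!mkdtemp(d)) return -2;
    snprintf(mine, sizeof mine, "%s/mine", d);
    snprintf(other, sizeof other, "%s/other", d);
    close(open(mine, O_CREAT | O_WRONLY, 0600));
    close(open(other, O_CREAT | O_WRONLY, 0600));
    int fd = hardened ? open_then_check(mine, geteuid(), rebind) : open_racy(mine, rebind);
    int r = fd < 0 ? -1 : (fstat(fd, &got) == 0 && stat(other, &want) == 0 && got.st_ino == want.st_ino);
    if (fd >= 0) close(fd);
    unlink(mine); unlink(other); rmdir(d);
    return r;
}

int main(void) { printf("racy=%d checked=%d\n", demo(0), demo(1)); return 0; }
```

The ownership test is a simplified stand-in for the permission decision access() makes; the point is only that the decision is made on the opened object rather than on a name that can be rebound.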
This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 19:54:55 PDT