[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why can't root check in files?
From: |
Larry Jones |
Subject: |
Re: Why can't root check in files? |
Date: |
Fri, 12 Oct 2001 14:36:01 -0400 (EDT) |
Greg A. Woods writes:
>
> Getlogin() is not always secure [*],
I'm not really sure what that's supposed to mean, but since we only use
it when the user is root (and hence can presumably spoof anything he or
she wants), I don't think it really matters.
> and it's not really portable
> despite being defined by IEEE 1003.1. It should be OK on 4.4BSD. On
> some other systems which track the original login ID there are other
> similar calls which are supposedly secure....
But even less portable, presumably.
> [*] From the BUGS section of the 4.4BSD manual page:
>
> In earlier versions of the system, the value returned
> by getlogin() could not be trusted without checking the user ID.
> Portable programs should probably still make this check.
>
> (and that means if (*(getpwnam(getlogin))->pw_uid != getuid()) then the
> result is untrusted)
*If* you want a login name that corresponds to the current userid, but
that's exactly what we *don't* want! We don't want a login name that
corresponds to root, we want to know the actual login name of the user
who su'ed to root.
-Larry Jones
Whatever it is, it's driving me crazy! -- Calvin
- Re: Why can't root check in files?, (continued)
- Re: Why can't root check in files?, Larry Jones, 2001/10/10
- Re: Why can't root check in files?, luke, 2001/10/11
- Re: Why can't root check in files?, Mike Castle, 2001/10/11
- Re: Why can't root check in files?, luke, 2001/10/11
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/11
- Re: Why can't root check in files?, luke, 2001/10/14
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/15
- Re: Why can't root check in files?, luke, 2001/10/15
- Re: Why can't root check in files?, Larry Jones, 2001/10/12
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/12
- Re: Why can't root check in files?,
Larry Jones <=
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/12
- Re: Why can't root check in files?, Eric Siegerman, 2001/10/12
- Re: Why can't root check in files?, Greg A. Woods, 2001/10/11
Re: Why can't root check in files?, luke, 2001/10/14
Re: Why can't root check in files?, Jesus Manuel NAVARRO LOPEZ, 2001/10/16
Re: Why can't root check in files?, Kaz Kylheku, 2001/10/16