[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: euidaccess

From: Bruno Haible
Subject: Re: euidaccess
Date: Sat, 6 Mar 2010 12:26:06 +0100
User-agent: KMail/1.9.9

Hi Jim,

> > Thanks -- I've pushed the modified patch.  Now the only license issue
> > within gnulib is 'euidaccess'...

> +     euidaccess: relax license to LGPLv2+

This won't help much, because 'euidaccess' depends on 'group-member', which
depends on 'xalloc', which is GPL. 'xalloc' is GPL and not LGPL because it
can call exit(), which is not appropriate for a library.

This module uses
  - faccessat() on glibc.
  - EFF_ONLY_OK on IRIX, OSF/1, Interix 3.5.
  - accessx() on AIX.
  - eaccess() on FreeBSD.
  - setregid if PREFER_NONREENTRANT_EUIDACCESS is defined, on MacOS X,
    NetBSD, OpenBSD, HP-UX, Solaris, Cygwin.
  - xmalloc() and getgroups() otherwise, in particular on mingw and BeOS.

The MacOS X manual page for access() says:
  "access() is a potential security hole and should never be used."
Why do they say this?
Because it uses the real uid and gid, not the effective one?
Or because of the time window between the call and the following open() call?
Or because it does not follows symbolic links (no O_NOFOLLOW)?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]