is there any value in secure path?

To: tech-userlevel%netbsd.org@localhost
Subject: is there any value in secure path?
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Wed, 23 Jul 2014 06:38:44 -0400

I am asking because I intend to change it to abort() with an error message
and remove it's two uses.

    - There are only 2 uses of it in the tree
    - It suffers from TOCTOU
    - It does not do what it claims (it checks the file not the full path)
    - It can be easily circumvented
    - It is not standard

While it would be useful to have such a function, that takes a path and
returns a file descriptor if the path and the file are "trusted" (what
that means needs to be defined), this function is not it...

christos

Prev by Date: Re: xterm (sometimes) needs -lm
Next by Date: New format of output from man -k
Previous by Thread: xterm (sometimes) needs -lm
Next by Thread: New format of output from man -k
Indexes:

Home | Main Index | Thread Index | Old Index