tech-kern: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL

Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
List: tech-kern
Date: 12/31/1996 11:26:02

> > 	tmp=open(".");fchdir(fd);random-op(name);fchdir(tmp);close(tmp);
> 
> Only in some cases.  You can't open(".") if you're in a directory you
> have x access but not r access to.  (This is something I've thought of
> as a botch for quite a while - I think you should be able to open it
> but not read from it.  Perhaps we need an O_NOIO, parallel to O_RDONLY,
> O_WRONLY, O_RDWR?)

Yup.  

Incidentally, Apollo's AEGIS had this (I think it was called something
like "open for status").

					- Bill