Subject: Re: CVS commit: syssrc
To: None <email@example.com>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 06/30/1999 15:05:04
>> I hope these are restricted to root-only.
> For obvious reasons, fhopen() is. I don't think fhstat() and
> fhstatfs() are, and I don't really see any security implications of
fhstatfs() you may be right, though I'm by no means certain of it.
fhstat(), though - I don't like arbitrary processes being able to
stat() files unrestrictedly. While I'm unable to give, at the moment,
a specific example of why I dislike it, it just seems like too
dangerous a facility. I'd want to at least run it past tech-security
(or has this been done? I don't think I resubscribed to that...I should
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B