netbsd-bugs: Re: bin/12740: fstat allows an unprivileged user to see open files belonging to other users

Subject: Re: bin/12740: fstat allows an unprivileged user to see open files belonging to other users
To: None <anne@alcor.concordia.ca>
From: Greg A. Woods <woods@weird.com>
List: netbsd-bugs
Date: 04/24/2001 14:41:30

[ On Tuesday, April 24, 2001 at 10:27:21 (-0700), Anne@netbsd.org, Bennett@netbsd.org wrote: ]
> Subject: bin/12740: fstat allows an unprivileged user to see open files belonging to other users
>
> 
> >Synopsis:       fstat allows an unprivileged user to see open files belonging to other users
> >Class:          sw-bug

That's *NOT* a bug.  Maybe it could have been a change-request, but then
it should have come with changes that made such a restriction a
non-default option!

Same goes for pkg/12741 and all the silly discussion about restricting ps.

Remember, you're using a Unix-based system, not some fabled A1-secure system!

Unix-based systems create communities, not discourage them!

BTW, your mailer is probably broken too.  The mail headers on your PR
appeared as:

	From: Anne@netbsd.org, Bennett@netbsd.org
	Reply-To: Anne@netbsd.org, Bennett@netbsd.org

which tends to indicate that your mailer failed to qualify the addresses
in those fields as it is required to do.

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>     <woods@robohack.ca>
Planix, Inc. <woods@planix.com>;   Secrets of the Weird <woods@weird.com>