Subject: Re: CVS commit: syssrc
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Bill Studenmund <wrstuden@nas.nasa.gov>
List: tech-kern
Date: 06/30/1999 13:05:28
On Wed, 30 Jun 1999, der Mouse wrote:
> >> I hope these are restricted to root-only.
> > For obvious reasons, fhopen() is. I don't think fhstat() and
> > fhstatfs() are, and I don't really see any security implications of
> > that.
>
> fhstatfs() you may be right, though I'm by no means certain of it.
> fhstat(), though - I don't like arbitrary processes being able to
> stat() files unrestrictedly. While I'm unable to give, at the moment,
> a specific example of why I dislike it, it just seems like too
> dangerous a facility. I'd want to at least run it past tech-security
> (or has this been done? I don't think I resubscribed to that...I should
> check).
We can discuss security implications at our leisure. The in-tree code
presently requires root for all three.
Take care,
Bill