File descriptors
Tom Evans
tevans.uk at googlemail.com
Sun Apr 14 12:19:06 UTC 2013
On Sun, Apr 14, 2013 at 9:48 AM, Pétur Ingi Egilsson <petur at petur.eu> wrote:
> The general understanding by users, be it right or wrong, is that whenever a files' permission is changed, then the effect is immediate everywhere in the system.
> This wrong metal model _could_ result in malicious access to a file.
>
> I merely wanted to bring the issue to your attention.
>
> - pétur
>
As des said earlier, this model is essential for doing things in a
secure manner. An analogy would be sockets, if you drop privileges
after binding to a privileged socket, should you lose access to the
socket? Of course not. The only thing that is relevant is whether you
had permission to open the file/bind the socket at the point you did
it. After that, the fd/socket is all yours, regardless.
Cheers
Tom
More information about the freebsd-security
mailing list