To: linux-kernel@vger.kernel.org
Path: not-for-mail
From: daw@taverner.cs.berkeley.edu (David Wagner)
Newsgroups: isaac.lists.linux-kernel
Subject: Re: Fchown on unix domain sockets?
Date: Mon, 1 Nov 2004 22:27:51 +0000 (UTC)
Organization: University of California, Berkeley
Distribution: isaac
Message-ID: <cm6d97$uts$1@abraham.cs.berkeley.edu>
References: <200410312255.00621.jmc@xisl.com> <Pine.LNX.4.53.0411011517570.29275@yvahk01.tjqt.qr> <200411011441.56524.jmc@xisl.com> <Pine.LNX.4.53.0411011546050.30106@yvahk01.tjqt.qr>
Reply-To: daw-usenet@taverner.cs.berkeley.edu (David Wagner)
NNTP-Posting-Host: taverner.cs.berkeley.edu
NNTP-Posting-Date: Mon, 1 Nov 2004 22:27:51 +0000 (UTC)
Originator: daw@taverner.cs.berkeley.edu (David Wagner)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 781
Lines: 11

Jan Engelhardt  wrote:
>How about setting the permissions beforehand?

This makes you susceptible to TOCTTOU (race condition) attacks in some
cases.  Often, the only way to change ownership or permissions of a file
you want to operate on securely is to use fchown()/fchmod() etc.

It came as a surprise to me that open() + fchown()/fchmod() does not
work in some cases that chown()/chmod() do.  I wonder whether this has
any effect on applications.  Could this result in security holes in
applications that are unaware of this property?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/