nano-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nano-devel] Checking permissions before opening file


From: Robert Funnell
Subject: Re: [Nano-devel] Checking permissions before opening file
Date: Mon, 25 Jan 2016 16:22:45 -0500 (EST)
User-agent: Alpine 2.00 (DEB 1167 2008-08-23)

On Mon, 25 Jan 2016, Rishabh Dave wrote:

Replaced stat() by access() - which is in unistd.h - to check accessibility
of path.

However, this replacement doesn't affect the case 'src/nano
/root/.nano/yuhu'. (mentioned about it because it was the case under
consideration last time -  bug #44950 thread).

The man page for access() says it creates a security hole and its use should be avoided. I see a lot of discussions of the issue on the Web and a lot of people seem to agree that it's a bad idea.

- Robert




reply via email to

[Prev in Thread] Current Thread [Next in Thread]