Cuserid() is a security hole
DAVID NEWALL
ccdn at levels.sait.edu.au
Fri Jun 2 20:50:55 AEST 1989
In article <1725 at auspex.auspex.com>, guy at auspex.auspex.com (Guy Harris) writes:
> Which manual is "the manual"? The S5R3 manual page says it returns "a
> character-string representation of the login name that the user of the
> current process is logged in under", which makes it not surprising that,
> as you note:
>
>>In fact, cuserid() returns the login name of the person who is logged in
>>on the terminal pointed to by stdin, stdout or stderr.

Huh? I don't get it. If I close stdin and stderr, and point stdout at
your terminal, then cuserid() will say that I am you. That isn't a
"representation of the login name that the user of the current process is
logged in under".

And that's why I was surprised. (Though on reflection, I am now not
surprised, given how it must surely work -- scanning the utmp file).

David Newall Phone: +61 8 343 3160
Unix Systems Programmer Fax: +61 8 349 6939
Academic Computing Service E-mail: ccdn at levels.sait.oz.au
SA Institute of Technology Post: The Levels, South Australia, 5095
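
A model of the behaviour discussed in this message, added here as an example; it is not code from the original post or from any C library. The lookup order, the `UTMP` and `PASSWD` tables and every function name are constructed assumptions. It contrasts a login name derived from the terminal behind a descriptor with one derived from the process's real uid, and shows the consistency check a privileged program can apply.

```c
#include <stddef.h>
#include <string.h>

/* One utmp-style record: which login name owns which terminal line. */
struct ut_rec { const char *line; const char *user; };
/* One passwd-style record: which login name belongs to which uid. */
struct pw_rec { unsigned uid; const char *name; };

/* Constructed sample data, not taken from any real system. */
static const struct ut_rec UTMP[] = { {"tty01", "alice"}, {"tty02", "bob"} };
static const struct pw_rec PASSWD[] = { {1001, "alice"}, {1002, "bob"} };

/* Assumed model of the lookup described in the thread: take the first of
 * stdin/stdout/stderr that is a terminal (NULL = closed or not a tty)
 * and return whoever the utmp table says is logged in on that line. */
const char *name_from_tty(const char *fd_tty[3])
{
    for (int fd = 0; fd < 3; fd++) {
        if (fd_tty[fd] == NULL)
            continue;
        for (size_t i = 0; i < sizeof UTMP / sizeof UTMP[0]; i++)
            if (strcmp(UTMP[i].line, fd_tty[fd]) == 0)
                return UTMP[i].user;
        return NULL;   /* a terminal, but no utmp entry for it */
    }
    return NULL;       /* no descriptor refers to a terminal */
}

/* Identity derived from the real uid: independent of the descriptors. */
const char *name_from_uid(unsigned uid)
{
    for (size_t i = 0; i < sizeof PASSWD / sizeof PASSWD[0]; i++)
        if (PASSWD[i].uid == uid)
            return PASSWD[i].name;
    return NULL;
}

/* Check for a privileged program: accept the terminal-derived name
 * only when it agrees with the uid-derived one. */
int identity_consistent(unsigned uid, const char *fd_tty[3])
{
    const char *t = name_from_tty(fd_tty), *u = name_from_uid(uid);
    return t != NULL && u != NULL && strcmp(t, u) == 0;
}
```
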
More information about the Comp.bugs.4bsd.ucb-fixes mailing list