Cuserid() is a security hole
Rob Bernardo
rob at PacBell.COM
Thu Jun 8 10:52:41 AEST 1989
In article <1768 at auspex.auspex.com> guy at auspex.auspex.com (Guy Harris) writes:
+If you consider it a bug to be able to redirect standard input and, as a
+result, be able to force "getlogin" give you the wrong information, you
+might find it is a bug in many versions of UNIX, *including* Ultrix....
The "problem" is that a programmer might use cuserid() without knowing
about this "deception".
This might be particularly bad in, say, a mail user agent. MUA's often
must run setgid. As a setgid program is has access to *anyone's*
incoming mail box, and must judge whether the user would normally be
able to access the mailbox s/he has directed the MUA to access. If
cuserid() is used to determine the user's id, the MUA may unwittingly
grant access to some other person's incoming mailbox.
--
Rob Bernardo, Pacific Bell UNIX/C Reusable Code Library
Email: ...![backbone]!pacbell!pbhyf!rob OR rob at pbhyf.PacBell.COM
Office: (415) 823-2417 Room 4E850O San Ramon Valley Administrative Center
Residence: (415) 827-4301 R Bar JB, Concord, California
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list