Cuserid() is a security hole
Karl Heuer
karl at haddock.ima.isc.com
Sat Jun 3 07:09:27 AEST 1989
The plot thickens. In POSIX, cuserid() is required to use the *effective uid*
of the process. The Rationale section does not comment on this inconsistency
with traditional implementations.
Moreover, POSIX getlogin() is supposed to return the login name associated
with the *controlling terminal*, not the tty on descriptor 0-2 as is commonly
implemented. Since, as Guy points out, a program can't always find the true
name of its controlling terminal, it would seem that this requires either a
new system call, or else getlogin() should just give up and return NULL.
Karl W. Z. Heuer (ima!haddock!karl or karl at haddock.isc.com), The Walking Lint
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list