[Techtalk] Theory vs. practice

Jenn Vesperman jenn at anthill.echidna.id.au
Wed Jan 16 16:42:07 EST 2002


On Wed, 2002-01-16 at 13:22, Julie wrote:

> What I think of as "security bugs" is code like this --
> 
> 	if (stat (file, blah) == 0 && blah.st_uid == me)
> 		chown (file, me, new_group);
> 
> where the fact that there is a race between the stat and the
> chown exists. 

Except that there -shouldn't- be a race condition, because the
conditional should be evaluated before the chown. If the conditional
hasn't been evaluated, the code doesn't know whether to do the chown or
not.

The stat shouldn't affect the blah.st_uid, either, if it's a language
with lazy evaluation.


Jenn V.
-- 
    "Do you ever wonder if there's a whole section of geek culture 
        	you miss out on by being a geek?" - Dancer.

jenn at anthill.echidna.id.au     http://anthill.echidna.id.au/~jenn/





More information about the Techtalk mailing list