From owner-doc-jp@jp.freebsd.org  Wed Sep 10 14:50:39 1997
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta7/8.7.3) id OAA28111
	Wed, 10 Sep 1997 14:50:39 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.7+2.7Wbeta7/8.7.3) with ESMTP id OAA28106
	for <doc-jp@jp.FreeBSD.org>; Wed, 10 Sep 1997 14:50:37 +0900 (JST)
Received: from localhost.my.domain by mb001.infoweb.or.jp (8.8.5+2.7Wbeta5/3.6Wbeta4-06/27/97)
	id OAA10375; Wed, 10 Sep 1997 14:50:34 +0900
Received: from alice.my.domain (localhost [127.0.0.1]) by localhost.my.domain (8.8.5/3.5Wpl7) with SMTP id OAA00572 for <doc-jp@jp.FreeBSD.org>; Wed, 10 Sep 1997 14:47:51 +0900 (JST)
Message-ID: <34162DCE.167EB0E7@cheerful.com>
Date: Wed, 10 Sep 1997 14:19:10 +0900
From: Nishika <nishika@cheerful.com>
X-Mailer: Mozilla 3.01 (X11; I; FreeBSD 2.2.1-RELEASE i386)
MIME-Version: 1.0
To: doc-jp@jp.FreeBSD.org
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: doc-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=20]
X-Sequence: doc-jp 3214
Subject: [doc-jp 3214] <WWW> security.sgml(1.5) #2
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org

$B$K$7$+$G$9!#(B

$B5W$7$V$j$K$*;E;v$*5Y$_$K$J$j$^$7$?(B. $B$^$?$7$P$i$/(B
$BK;$7$/$J$j$=$&$J$N$G(B, $B::FICJ3,$K$O$$$kA0$K(B, $B:#$N(B
$B;~E@$G(B security.sgml $B$NJQ99J]N1$K$7$F$$$?ItJ,$r(B
$B$O$8$a(B, $B2?E@$+JQ99$7$^$7$?(B. $BBh#20F$H$$$&$3$H$G(B,
$BJQ99E@$rN.$7$^$9(B.

$BJQ99E@35N,(B

$B!&:#Ln$5$s$N%a!<%k(B [doc-jp 3107] $B$K4p$E$$$F(B priv(s)
  $B$H(B race(in /tmp) $B4X78$NLu$rJQ99$7$F$$$^$9(B.

$B!&#2$D$NC18l(B atomic $B$H(B reentrant $B$NLu$rJQ99$7$^$7$?(B.

$B!&B>(B, $B:Y$+$$I=8=$r>/$7JQ99$7$F$"$j$^$9(B.

-- 
Nishika
mailto:nishika@cheerful.com
PGP Fingerprint = 7A 24 60 27 CE 21 90 20  68 3E 76 A4 15 21 26 31


----- Begin of diff for security.sgml (compared with [doc-jp 3103]) -----

--- security.sgml.old	Wed Sep 10 13:33:08 1997
+++ security.sgml.new	Wed Sep 10 14:26:03 1997
@@ -49,8 +49,9 @@
 <LI><A NAME="#rule1"></A>$B$I$s$JF~NO%=!<%9$b?.MQ$7$J$$$3$H(B. $B$D$^$j(B, $B%3%^%s%I(B
    $B%i%$%s0z?t(B, $B4D6-JQ?t(B, $B@_Dj%U%!%$%k(B, $BE~Ce$7$?(B UDP $B%Q%1%C%H(B, $B%[%9%HL>;2>H(B,
    $B4X?t0z?t$J$I(B, $B$I$l$b?.MQ$7$F$O$$$1$^$;$s(B. $B$=$b$=$b(B, $B<u$1<h$C$?%G!<%?D9$d(B
-   $BFbMF$,%3%s%H%m!<%k$7$F$$$k$b$N$G$J$$$N$J$i(B, $B%W%m%0%i%`$d4X?t$O$=$N%G!<%?(B
-   $B$r%3%T!<$9$k;~$KCm0U$r$O$i$&$Y$-$G$9(B. $B$3$N<o$N%;%-%e%j%F%#LdBj$r5s$2$k$H(B:
+   $BFbMF$,3F%W%m%0%i%`$d4X?t$N%3%s%H%m!<%k30$N$b$N$J$i(B, $B%W%m%0%i%`$d4X?t$O$=(B
+   $B$N%G!<%?$r%3%T!<$9$k;~$KCm0U$r$O$i$&$Y$-$G$9(B. $B$3$N<o$N%;%-%e%j%F%#LdBj$r(B
+   $B5s$2$k$H(B:
 
    <P><UL>
    <LI><A NAME="#rule1_1"></A>$B%G!<%?6-3&$r1[$($k$h$&$J(B
@@ -92,16 +93,16 @@
    <a href="http://www.de.freebsd.org/de/cgi/man.cgi?mkstemp(3)">
    mkstemp(3)</a> $B$,;H$o$l$F$$$k$3$H$r3NG'$7$F2<$5$$(B.
 
-   /tmp $B$,86Gz$K$J$k$h$&$J$3$H$O$[$H$s$I$J$$$3$H$K5$$E$$$F(B, /tmp $BCf$N(B
-   race $B$bA\$7$F$_$F2<$5$$(B:
+   $B2C$($F(B, /tmp $B$NCf$G%"%H%_%C%/$K$J$k$3$H$O$[$H$s$I$J$$$H$$$&$3$H$K5$$E(B
+   $B$$$F(B, /tmp $BCf$N6%9g$,H/@8$7$F$$$J$$$+C5$7$F$_$F2<$5$$(B:
 	<UL>
-	<LI>$B%G%#%l%/%H%j$N:n@.(B. $B$3$l$O@.8y$9$k$+<:GT$9$k$+$7$^$9(B.
+	<LI>$B%G%#%l%/%H%j$N:n@.(B. $B$3$l$O@.8y$9$k$+<:GT$9$k$+$N$I$A$i$+$G$9(B.
 	<LI>O_CREAT | O_EXCL $B%b!<%I$G$N%U%!%$%k$N%*!<%W%s(B
 	</UL>
    <a href="http://www.de.freebsd.org/de/cgi/man.cgi?mkstemp(3)">
-   mkstemp(3)</a> $B$O$3$l$i$N$3$H$r$"$J$?$N$?$a$K@5$7$/%O%s%I%k$7$F$/$l$^$9(B,
-   $B$=$&(B, race $B$r:n$i$:$K@5$7$$5v2D8"$G%F%s%]%i%j%U%!%$%k$,:n@.$5$l$k$3$H$r(B
-   $BJ]>Z$9$k$K$O(B mkstemp() $B$r;H$o$J$1$l$P$$$1$J$$$N$G$9(B.
+   mkstemp(3)</a> $B$O$3$&$$$C$?$3$H$r$"$J$?$N$?$a$K@5$7$/$d$C$F$N$1$F$/$l$^(B
+   $B$9(B. $B$=$&(B, $B6%9g$r5/$3$5$J$$$G@5$7$$5v2D8"$G%F%s%]%i%j%U%!%$%k$,:n@.$5$l$k(B
+   $B$3$H$rJ]>Z$9$k$K$O(B mkstemp() $B$r;H$o$J$1$l$P$$$1$J$$$N$G$9(B.
 
    <P><LI><A NAME="#rule1_4"></A>$B967b<T$,E,Ev$JJL$N%7%9%F%`$+$i%Q%1%C%H$r(B
    $BEj$2$?$j(B, $B%Q%1%C%H$r<u$1<h$C$?$j$9$k$h$&$K6/$$$k$3$H$,$G$-$k$N$J$i(B,
@@ -126,22 +127,22 @@
    $B%[!<%k$d<eE@$K5$$r$D$1$F2<$5$$(B. $B%F%s%]%i%j%U%!%$%k$N5v2D8"$O$I$l$b(B 600 $B$K(B
    $B$J$C$F$$$J$$$H$$$1$^$;$s(B.
 
-   <P><LI><A NAME="#rule1_8"></A>$BI>2A$5$l$?%W%i%$%Y!<%H$J>pJs$r;}$C$F<B(B
-   $B9T$7$F$$$k%W%m%0%i%`$+$i$*$-$^$j$NLdBj$N%3!<%I$r8+$D$1$k$N$K(B grep $B$r$+(B
-   $B$1$F$O$$$1$^$;$s(B. 
+   <P><LI><A NAME="#rule1_8"></A>$B9b$$8"8B$G<B9T$9$k2DG=@-$N$"$k%W%m%0%i%`(B
+   $B$+$i$*$-$^$j$NLdBj$N%3!<%I$r8+$D$1$k$N$K(B grep $B$7$F$O$$$1$^$;$s(B.
    <a href="http://www.de.freebsd.org/de/cgi/man.cgi?strcpy(3)">
    strcpy(3)</a> $B$N$h$&$J4X?t$,%*!<%P%U%m!<$r$*$3$9$H$$$C$?$3$H$h$j$b?t(B
    $BB?$/$N%*!<%P!<%U%m!<$N%1!<%9$,$"$k$N$G(B, $B#19T#19T%3!<%I$rDI$C$F$$$/$h(B
    $B$&$K$7$J$1$l$P$$$1$^$;$s(B.
 
-   <P><LI><A NAME="#rule1_9"></A>$B$"$J$?$,%W%i%$%Y!<%H$J>pJs$r<N$F5n$C$?$+$i$H(B
-   $B$$$C$F(B, $BC/$b(B exploit $B$G$-$J$/$J$k$H$$$&$o$1$G$O$"$j$^$;$s(B. $B967b<T$OI,MW$J(B
-   $B<B9T%3!<%I$r%9%?%C%/$K@Q$s$G$+$i(B /bin/sh $B$r<B9T$7$h$&$H$9$k$+$b$7$l$^$;$s(B.
+   <P><LI><A NAME="#rule1_9"></A>$BI,MW$N$J$$!JLuCm(B root $B$J$I$N!KFC8"$r;H(B
+   $B$o$J$$$+$i$H$$$C$F(B, $B!J?/F~<T$K!K0-MQ$5$l$k2DG=@-$,$J$/$J$k$o$1$G$O$"(B
+   $B$j$^$;$s(B. $B967b<T$OI,MW$J<B9T%3!<%I$r%9%?%C%/$K@Q$s$G$+$i(B /bin/sh $B$r(B
+   $B<B9T$7$h$&$H$9$k$+$b$7$l$^$;$s(B.
    </UL>
 
-<P><LI><A NAME="#rule2"></A>UID $B$r4IM}$9$k$h$&$K$7$F2<$5$$(B. $B$=$&(B, $B$G$-$k$@$1(B
-   $B$O$d$/%W%i%$%Y!<%H$J>pJs$r40A4$K<N$F5n$k$N$G$9(B.  EUID $B$H(B UID $B$H$r@ZBX$($k(B
-   $BI,MW$O$"$j$^$;$s(B. 
+<P><LI><A NAME="#rule2"></A>UID $B$r4IM}$9$k$h$&$K$7$F2<$5$$(B. $B$=$&(B, $B$G$-$k(B
+   $B$@$1$O$d$/FC8"$r40A4$K<N$F5n$k$N$G$9(B.  EUID $B$H(B UID $B$H$r@ZBX$($kI,MW$O(B
+   $B$"$j$^$;$s(B. 
    <a href="http://www.de.freebsd.org/de/cgi/man.cgi?setuid">setuid(2)</a>
    $B$r;H$($k$&$A$K;H$($P$$$$$N$G$9(B.
 
@@ -190,7 +191,7 @@
 
 <P><LI><A NAME="#rule5"></A>$BC10l$N%O%s%I%i$GJ#;($J=hM}$r9T$&$h$&$J(B
    $B%W%m%0%i%`$K5$$r$D$1$F2<$5$$(B. $B$$$m$$$m$J%i%$%V%i%jCf$NB?$/$N4X?t$O(B,
-   $B:FF~$G$-$kDx$K$O0BA4$G$O$"$j$^$;$s(B.
+   $B0BA4$K%j%(%s%H%i%s%H$G$-$k$h$&$K$O$J$C$F$$$^$;$s(B.
 
 <P><LI><A NAME="#rule6"></A>
    <a href="http://www.de.freebsd.org/de/cgi/man.cgi?realloc(3)">

----- End of diff for security.sgml -----

