The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


X11R6 NetBSD Security Problem


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
Date: Sun, 28 Mar 1999 19:01:41 -0800
From: Kevin Vajk <[email protected]>
To: [email protected]
Subject: Re: X11R6 NetBSD Security Problem

This patch looks pretty good.  (Much better than the current situatiuon!!!)

A few comments:

On Fri, 26 Mar 1999, Matthieu Herrb wrote:
> +    if (errno == EEXIST) {
> +	if (stat(path, &buf) != 0) {

This should be lstat().

> +	if (S_ISDIR(buf.st_mode) && ((buf.st_mode & ~S_IFMT) == mode)) {
> +	    return 0;
> +	}
> +    }

I think you'll want to check the owner of the directory, too.

- Kevin Vajk
  <[email protected]>

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру