[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Small security patch for KTempFile
From: Oswald Buddenhagen <ossi () kde ! org>
Date: 2004-09-08 7:00:28
Message-ID: 20040908070028.GA2005 () ugly ! local
[Download RAW message or body]
On Tue, Sep 07, 2004 at 11:56:10PM -0400, Ian Reinhart Geiser wrote:
> Basicly it changes chown() to fchown() so the ownership operations are
> done on the fd vs the filename.
>
that's pretty much pointless, as you have a race between creating the
directory and changing/using it anyway. some things just have to be
trusted ...
--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic