[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Small security patch for KTempFile
From:       Oswald Buddenhagen <ossi () kde ! org>
Date:       2004-09-08 7:00:28
Message-ID: 20040908070028.GA2005 () ugly ! local
[Download RAW message or body]

On Tue, Sep 07, 2004 at 11:56:10PM -0400, Ian Reinhart Geiser wrote:
> Basicly it changes chown() to fchown() so the ownership operations are
> done on the fd vs the filename.
> 
that's pretty much pointless, as you have a race between creating the
directory and changing/using it anyway. some things just have to be
trusted ...

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Chaos, panic, and disorder - my work here is done.
[prev in list] [next in list] [prev in thread] [next in thread]