Re: Potential security bug in fopen()

bug-glibc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Potential security bug in fopen()

From:	Ulrich Drepper
Subject:	Re: Potential security bug in fopen()
Date:	07 Feb 2001 13:23:55 -0800
User-agent:	Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (Capitol Reef)

Michael Sweet <address@hidden> writes:

> I've had several reports of a potential symlink attack on some code
> in CUPS; upon further investigation, it appears that fopen() is
> unlink'ing the named file when the open mode is "w".

fopen does nothing like this.

-- 
---------------.                          ,-.   1325 Chesapeake Terrace
Ulrich Drepper  \    ,-------------------'   \  Sunnyvale, CA 94089 USA
Red Hat          `--' drepper at redhat.com   `------------------------

[Prev in Thread]

Current Thread

[Next in Thread]

Potential security bug in fopen(), Michael Sweet, 2001/02/07
- Re: Potential security bug in fopen(), Ulrich Drepper <=
  - Re: Potential security bug in fopen(), Michael Sweet, 2001/02/07
    - Re: Potential security bug in fopen(), Ulrich Drepper, 2001/02/07
    - Re: Potential security bug in fopen(), Michael Sweet, 2001/02/07
    - Re: Potential security bug in fopen(), Andreas Jaeger, 2001/02/08
    - Re: Potential security bug in fopen(), Michael Sweet, 2001/02/08
    - Re: Potential security bug in fopen(), Wolfram Gloger, 2001/02/08
    - Re: Potential security bug in fopen(), Michael Sweet, 2001/02/08
    - Re: Potential security bug in fopen(), Michael Sweet, 2001/02/08

Prev by Date: Potential security bug in fopen()
Next by Date: Porting C library
Previous by thread: Potential security bug in fopen()
Next by thread: Re: Potential security bug in fopen()
Index(es):
- Date
- Thread