lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]

From: Alan Cox
Subject: Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]
Date: Wed, 7 May 1997 09:10:16 +0100 (BST) 
> Something like the appended wrapper shell script should prevent this.
> [ Of course, no guarantees.  Comments?? ]

For most systems. Older systems with /tmp mode 777 someone could move
the subdir and make a new one. The right answer is to either use
mkstemp() for the cases we can or default LYNX_TEMP_SPACE to ~/.lynx/cachei
and mkdir ~/.lynx/cache or somesuch on startup. 

That probably ought to be in the "official" 2.7.2 lynx

Alan

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]