[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx...
|
From: |
Alan Cox |
|
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx... |
|
Date: |
Thu, 8 May 1997 08:47:25 +0100 (BST) |
> each other, not as a (FILE *). Modifying this would require some major
> restructuring. The "security" of mkstemp() seems to rely on files
> being passed as open FILE pointers, and filenames not being reused. (Of
> course I may be missing something obvious here...)
Indeed. In that case you need to plonk the temporary files into ~me/.lynx/cache
Now that is a tiny modification and one that we can get into lynx-2.7.2 and
have that version up and done before the CERT advisory comes out and has
everyone deleting lynx off public machines.
Moving it to the home directory is nice and simple and if it can be done
in under a week or so it is a golden opportunity to get people to upgrade.
Many many people will see the CERT advisory, including sysadmins with 2.4,
2.5 and other prehistoric releases.
Alan
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], (continued)
RE: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/07
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/07
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Larry W. Virden, x2487, 1997/05/07
- LYNX-DEV Re: ...vulnerability in Lynx..., Klaus Weide, 1997/05/07
- Re: LYNX-DEV Re: ...vulnerability in Lynx...,
Alan Cox <=
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jim Spath (Webmaster Jim), 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jim Spath (Webmaster Jim), 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Matthew Kelly, 1997/05/08
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Foteos Macrides, 1997/05/07
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/08