Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]

From:	Jim Spath (Webmaster Jim)
Subject:	Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]
Date:	Thu, 8 May 1997 06:04:29 -0400 (EDT)

On Wed, 7 May 1997, Hynek Med wrote:
> On Tue, 6 May 1997, Klaus Weide wrote:
> > On Tue, 6 May 1997, Henri Torgemane wrote:
> ...
> Well, it surely works, but I think this should be done from within lynx.
> Lynx should have a function for creating temporary files, that should:

> a) create the file with 600 pemissions anyway, to guarantee privacy
Yes.

> b) pick a very random name for the file
Just adding 3 digits/letters to the filename would create a couple
hundred thousand choices to the tmp file name.  Sysadmins would
notice this, eh?

> c) check if the file about to be created isn't already a symlink/hardlink
If it exists, use a different name.

> d) optionally do all this in a subdirectory with 700 permissions as your
> script suggests
No, please, thank you. See my prior message.

------
<http://www.cs.indiana.edu/picons/db/users/us/md/lib/bcpl/jspath/face.xbm>
Marvin the Paranoid Android says:
It's no wonder I'm so depressed really is it?

;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

[Prev in Thread]

Current Thread

[Next in Thread]

LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Henri Torgemane, 1997/05/06
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Klaus Weide, 1997/05/07
  - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Alan Cox, 1997/05/07
  - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Hynek Med, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Alan Cox, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Hynek Med, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Alan Cox, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Kari E. Hurtta, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Kari E. Hurtta, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Jim Spath (Webmaster Jim) <=
  - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Benjamin C. W. Sittler, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Larry W. Virden, x2487, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Benjamin C. W. Sittler, 1997/05/07
    - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Alan Cox, 1997/05/07
- RE: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/07
- Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/07
  - Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Larry W. Virden, x2487, 1997/05/07
  - LYNX-DEV Re: ...vulnerability in Lynx..., Klaus Weide, 1997/05/07
    - Re: LYNX-DEV Re: ...vulnerability in Lynx..., Alan Cox, 1997/05/08
    - Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jim Spath (Webmaster Jim), 1997/05/08

Prev by Date: Re: freopen (was: Re: LYNX-DEV 4DOS)
Next by Date: LYNX-DEV Lynx handling of IMG and white space
Previous by thread: Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]
Next by thread: Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)]
Index(es):
- Date
- Thread