LYNX-DEV Re: http://www.crl.com/~subir/lynx/security.html
From: Subir Grewal
Subject: LYNX-DEV Re: http://www.crl.com/~subir/lynx/security.html
Date: Tue, 1 Jul 1997 22:02:03 -0700 (PDT)

I should have remembered this. I've changed that section to note that if
the sticky bit is set on /tmp, other users shouldn't be able to overwrite
the contents of the download.

On 1 Jul 1997 address@hidden wrote:
:The first section looks fine to me.
:
:>Use of /tmp for temporary downloads
:>
:> Lynx uses /tmp to store files during temporary downloads. The filename
:> Lynx chooses can be predicted, and another user on the system can
:> overwrite the file being downloaded, replacing it with a trojan horse
:> binary. If the user performing the download executes this binary at a
:> later time, it may be possible to execute commands with his/her UID.
:
:No, other users can make a symbolic link of the same name and thus overwrite
:any file the other user owns, and without control of what the
:'other file' will be overwritten with. (It will be overwritten with the content of
:the document the user D)ownloads.)
:
:Hynek
:
:PS Please bounce this to lynx-dev, I forgot to include the CC.
:
address@hidden + Lynx 2.7.1 + NeXT/PGP mail + www.crl.com/~subir/
"The Government's assertion is incorrect...
The Government's reasoning is also flawed."
-- Supreme Court justice John Paul Stevens' opinion of the CDA
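
The symbolic-link problem described in the quoted reply, as an added example that is not part of the original message or of Lynx's code: a file created under a predictable name with a plain `open()` follows a link planted beforehand and overwrites the link's target, while `O_CREAT | O_EXCL` refuses to open it. The scratch directory, file names and function names are assumptions made for the demonstration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* mkdtemp(), O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Naive creation: follows an existing symlink and truncates its target. */
static int open_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened creation: O_EXCL makes open() fail with EEXIST if the name
 * already exists, even as a symlink; O_NOFOLLOW is a second guard. */
static int open_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Returns 1 if the user's file kept its content, 0 if it was overwritten,
 * -1 on setup failure. Everything happens in a private scratch directory. */
int victim_survives(int use_safe_open) {
    char dir[] = "/tmp/symlink-demo-XXXXXX";       /* constructed paths */
    char victim[64], tmpname[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/users-file", dir);
    snprintf(tmpname, sizeof tmpname, "%s/download.tmp", dir); /* "predictable" name */

    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "important data\n", 15) != 15) return -1;
    close(fd);
    if (symlink(victim, tmpname) != 0) return -1;  /* link planted beforehand */

    fd = use_safe_open ? open_safe(tmpname) : open_unsafe(tmpname);
    if (fd >= 0) {                                 /* the "download" is written */
        if (write(fd, "downloaded document\n", 20) != 20) return -1;
        close(fd);
    }
    int intact = (stat(victim, &st) == 0 && st.st_size == 15);
    unlink(tmpname); unlink(victim); rmdir(dir);
    return intact;
}

int main(void) {
    printf("naive open:    file intact = %d\n", victim_survives(0));
    printf("O_EXCL open:   file intact = %d\n", victim_survives(1));
    return 0;
}
```

`mkstemp()` combines the exclusive create with an unpredictable name, which is the usual way to create a temporary file in a shared directory.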