[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Potential security bug in fopen()

From: Ulrich Drepper
Subject: Re: Potential security bug in fopen()
Date: 07 Feb 2001 13:23:55 -0800
User-agent: Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (Capitol Reef)

Michael Sweet <address@hidden> writes:

> I've had several reports of a potential symlink attack on some code
> in CUPS; upon further investigation, it appears that fopen() is
> unlink'ing the named file when the open mode is "w".

fopen does nothing like this.

---------------.                          ,-.   1325 Chesapeake Terrace
Ulrich Drepper  \    ,-------------------'   \  Sunnyvale, CA 94089 USA
Red Hat          `--' drepper at redhat.com   `------------------------

reply via email to

[Prev in Thread] Current Thread [Next in Thread]