|
From: | Alan Cox |
Subject: | Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)] |
Date: | Wed, 7 May 1997 09:10:16 +0100 (BST) |
> Something like the appended wrapper shell script should prevent this. > [ Of course, no guarantees. Comments?? ] For most systems. Older systems with /tmp mode 777 someone could move the subdir and make a new one. The right answer is to either use mkstemp() for the cases we can or default LYNX_TEMP_SPACE to ~/.lynx/cachei and mkdir ~/.lynx/cache or somesuch on startup. That probably ought to be in the "official" 2.7.2 lynx Alan ; ; To UNSUBSCRIBE: Send a mail message to address@hidden ; with "unsubscribe lynx-dev" (without the ; quotation marks) on a line by itself. ;
[Prev in Thread] | Current Thread | [Next in Thread] |