[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Lynx 2.8.3 with nmh problems
From: |
T.E.Dickey |
Subject: |
Re: lynx-dev Lynx 2.8.3 with nmh problems |
Date: |
Tue, 9 May 100 14:27:30 -0400 (EDT) |
> Which of the following statements are true?
neither. you're leaving out something
> The code for creating the temporary directory does not increase security
> in any way, if the TMPDIR or LYNX_TEMP_SPACE is pointing to a safe user-
> private directory.
in this case, the temporary directory is not created
> The code for creating the temporary directory does not increase security
> in any way, if the t-bit prevents renaming of non-writable files.
a malicious user can (in theory ;-) create a symbolic link in $TMPDIR
to point to an arbitrary file irregardless of the t-bit (and how well
implemented it is).
> If both are true, then I want to compile lynx such that it never
> creates a temporary directory on this system. If both are not true,
> then I have misunderstood you so far, and ask for more explanation.
>
> Klaus
>
>
> ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden
--
Thomas E. Dickey <address@hidden>
http://dickey.his.com
ftp://dickey.his.com
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden
- Re: lynx-dev Lynx 2.8.3 with nmh problems, (continued)
- Re: lynx-dev Lynx 2.8.3 with nmh problems, T.E.Dickey, 2000/05/08
- Re: lynx-dev Lynx 2.8.3 with nmh problems, T.E.Dickey, 2000/05/08
- Re: lynx-dev Lynx 2.8.3 with nmh problems, T.E.Dickey, 2000/05/09
- Re: lynx-dev Lynx 2.8.3 with nmh problems, T.E.Dickey, 2000/05/09
- Re: lynx-dev Lynx 2.8.3 with nmh problems,
T.E.Dickey <=
- Re: lynx-dev Lynx 2.8.3 with nmh problems, Henry Nelson, 2000/05/09
- Re: lynx-dev Lynx 2.8.3 with nmh problems, Henry Nelson, 2000/05/09