[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] CVE Request - Gnu Wget 1.17 - Design Error Vulnerability
From: |
Tim Rühsen |
Subject: |
Re: [Bug-wget] CVE Request - Gnu Wget 1.17 - Design Error Vulnerability |
Date: |
Sun, 14 Aug 2016 21:24:49 +0200 |
User-agent: |
KMail/5.2.3 (Linux/4.6.0-1-amd64; KDE/5.23.0; x86_64; ; ) |
Hi,
here is a patch to limit the file modes to u+rw for temp. downloaded files.
Not sure if your proof of concept still works or not - but it seems a good
thing anyways.
Regards, Tim
0001-Limit-file-mode-to-u-rw-on-temp.-downloaded-files.patch
Description: Text Data
signature.asc
Description: This is a digitally signed message part.