[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx...
|
From: |
Jonathan Sergent |
|
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx... |
|
Date: |
Thu, 08 May 1997 20:15:14 EST |
] Perhaps the best approach is for configure to set a flag indicating
] sticky directories or not. Then, in lynx,
] if sticky directories supported, but the directory to be used isn't sticky
] lynx won't run.
]
] if no sticky directories supported, and the directory to be used isn't
] owned by the user and only writable by the user, and the directories
] above it are not only writable by administrators or the user, then
] lynx won't run
Perhaps a _better_ approach is a combination of the above two conditions.
Test each directory (temp_space and its parents, up to the filesystem root)
for the following:
Is the directory group-writeable or world-writeable?
If not, is the directory owned by the user or by uid 0?
If so, the directory is okay.
If not, the directory is bad.
#if !defined(NO_STICKY_DIRECTORIES)
If it is writeable by others, is the sticky bit set?
If so, the directory is okay (2).
If not, the directory is bad.
#endif
If the directory is bad, print an informational error message and exit.
Then add -DNO_STICKY_DIRECTORIES to any platforms listed in the Makefile
which don't support sticky directories. Add something similar to autoconf
when it's release quality.
Would it be wise to do this in LYMain when temp_space is set as well
as in tempname where filenames are allocated, or would continually
accessing all those directory inodes slow down speed for people using
AFS or NFS for their home directories?
It would also be prudent to add any other bugfixes (but no functionality
enhancements) which might exist to this release.
Is the above worth more than my $0.02?
The other (more proper) option is to rework Lynx's temp file handling
so that we can use mkstemp (i.e. make it pass around open files, make it
figure out when it is done with a temp file so it can close them, and
other issues which would come up). This belongs in the development
code, not in a semi-urgent bug fix.
Again, $0.02.
--jss.
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Scott McGee (Personal), 1997/05/07
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Bela Lubkin, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx...,
Jonathan Sergent <=
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Klaus Weide, 1997/05/08
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Jonathan Sergent, 1997/05/09
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., Larry W. Virden, x2487, 1997/05/09
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Nelson Henry Eric, 1997/05/09
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Brian Tillman, x8425, 1997/05/09
Re: LYNX-DEV Re: ...vulnerability in Lynx..., Scott McGee (Personal), 1997/05/09