On Mon, 22 Dec 2008, Thomas Viehmann wrote:
Oh, and if you really care, be sure that it's a regular file (not a symlink pointing to something) owned by yourself before using it as a hint to kill your processes.
Thanks for your hints. I've prepared a patch at http://svn.debian.org/wsvn/debian-med/trunk/packages/arb/trunk/debian/patches/tmpfile_CVE-2008-5378.patch?op=file&rev=0&sc=0 and http://svn.debian.org/wsvn/debian-med/trunk/packages/arb/trunk/debian/bin/arb-kill?op=file&rev=0&sc=0 Could you please inspect this patch before I do the upload? Kind regards Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
