Muli Ben-Yehuda wrote:
>I have a patch implementing this already written. However, it doesn't
>protect us from the synlink attack.
>
>
>
Sure it does. Just make sure noone but you have write permissions on the
directory. No write permissions - no rename capabilities, no ability to
symlink. We are somewhat problematic as regards to how do you make sure,
when creating the directory, it is not a symlink. I don't think it's a
problem, at least not on Linux:
2> cd /tmp
3> ln -s blahblah booh
4> mkdir booh
mkdir: cannot create directory `booh': File exists
5> mkdir blahblah
6> mkdir blahblah
mkdir: cannot create directory `blahblah': File exists
7> uname -a
Linux my.puter.com 2.4.9-31 #1 Tue Feb 26 07:11:02 EST 2002 i686 unknown
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
