Re: [Openvpn-devel] [PATCHv2 1/3] Harden create_temp_filename() (version 2)

2010-04-18 Thread David Sommerseth
On 16/04/10 23:42, Fabian Knittel wrote: > Hi David, > > David Sommerseth wrote: >> +} >> + while (attempts < 6); >> >> - return gen_path (directory, BSTR (&fname), gc); >> + msg (M_FATAL, "Failed to create temporary file after %i attempts",

Re: [Openvpn-devel] [PATCHv2 1/3] Harden create_temp_filename() (version 2)

2010-04-16 Thread Fabian Knittel
Hi David, David Sommerseth wrote: > +} > + while (attempts < 6); > > - return gen_path (directory, BSTR (&fname), gc); > + msg (M_FATAL, "Failed to create temporary file after %i attempts", > attempts); > + return NULL; > } I noticed something else ... if - hypothetically - someone ma
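
Review bot: In the failure path after the `while (attempts < 6);` loop, `msg (M_FATAL, ...)` ends the process in OpenVPN, so the `return NULL;` on the next line is unreachable and no caller ever gets to handle the failure. If running out of attempts is meant to be recoverable, log at a non-fatal level such as M_WARN and keep the `return NULL;`, otherwise drop the dead return. The retry limit 6 is also a bare literal in the loop condition; a named constant would document why that number was chosen.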

[Openvpn-devel] [PATCHv2 1/3] Harden create_temp_filename() (version 2)

2010-04-16 Thread David Sommerseth
From: David Sommerseth By hardening the create_temp_filename() function to check if the generated filename exists and to create the temp file with only S_IRUSR|S_IWUSR bit files set before calling the script, it should become even more difficult to exploit such a scenario. After a discussion on