Jim Meyering <[EMAIL PROTECTED]> writes: > how can setting the controlling terminal cause trouble if we're > guaranteed never to read from or write to the corresponding file > descriptor.
Once the terminal controls you, someone typing Control-C on that terminal can send you a signal, even if you're not reading or writing to the corresponding file descriptor. On hosts where O_NOCTTY is significant, and which do not support O_DIRECTORY (Solaris, for example), this can cause an attacker to kill a seemingly-unrelated directory-traversal process. _______________________________________________ Bug-coreutils mailing list Bug-coreutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-coreutils
