On Sat, Feb 21, 2009 at 08:59:47PM -0000, Mladen Turk wrote:
> Author: mturk
> Date: Sat Feb 21 20:59:46 2009
> New Revision: 746589
>
> URL: http://svn.apache.org/viewvc?rev=746589&view=rev
> Log:
> Add simple parent/child data exchange for APR processes

1) another addition to the procattr API which is entirely orthogonal to the API's purpose. ick.

2) every apr_initialize() call for every app in the universe now tries to open some random file in /tmp regardless of whether they use this API

3) fundamental /tmp race (the temp file name is predictable and hence another local user could create the shm file and populate the data segment which would be picked up by the child) and hence is a huge security hole

-1
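
The race in point 3 comes from trusting whatever sits at a predictable name in a world-writable directory. The C code below is an added example, not code from the APR commit or from this thread: it shows exclusive creation on the parent side and ownership and mode checks on the child side. The helper names and the scratch paths are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Parent side (hypothetical helper): O_EXCL fails with EEXIST if a file or symlink was planted. */
int create_exchange_file(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Child side (hypothetical helper): accept only our own regular, private, singly-linked file. */
int open_exchange_file(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);   /* never follow a symlink */
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid() ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Runs both helpers in a private mkdtemp() directory (constructed paths); one bit per check held. */
int demo(void)
{
    char dir[] = "/tmp/exch-demo-XXXXXX", path[64], lnk[64];
    int ok = 0, fd;
    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof path, "%s/data", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    if ((fd = create_exchange_file(path)) >= 0) { ok |= 1; close(fd); }   /* fresh name: created */
    if (create_exchange_file(path) < 0 && errno == EEXIST) ok |= 2;       /* pre-existing: refused */
    if ((fd = open_exchange_file(path)) >= 0) { ok |= 4; close(fd); }     /* ours, 0600: accepted */
    chmod(path, 0666);
    if (open_exchange_file(path) < 0) ok |= 8;                            /* others can write: refused */
    chmod(path, 0600);
    if (symlink(path, lnk) == 0 && open_exchange_file(lnk) < 0) ok |= 16; /* symlink: refused */
    unlink(lnk); unlink(path); rmdir(dir);
    return ok;
}

int main(void) { printf("checks held: 0x%x\n", (unsigned)demo()); return 0; }
```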
