Robert Atkey wrote:
On Tue, 2008-08-19 at 11:16 +0100, Ezra Cooper wrote:
If I added a setting which allowed choosing an alternate directory for cache files, would this solve the problem? One could use /tmp, for example. In this case I would also do something to prevent users from clashing with one another, for example hashing the file's full path name to form the cache filename.

I think you need to do something clever, because otherwise another user
could place a rogue cache file with the right filename that contains
something malicious which Links would take over the source code version.
Maybe you have to hash the source code and put that in the cache
file?

It's a good point. Your solution would work, I think. Another (cheaper?) safeguard would be to check that the file is created by the webserver user; thus any such file would be "trusted." This way we wouldn't have to hash the source (which would be necessary on each cache access as well as on creation).

Thoughts on that?

Ezra


--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
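
The two safeguards discussed in this thread, combined in one cache lookup for a shared directory such as /tmp. This is an added sketch, not code from Links or from either poster. The function names, the 32-byte digest header and the `.cache` suffix are assumptions, and it is POSIX only.

```python
import hashlib, os, stat, tempfile

def cache_path(cache_dir, source_path):
    """Cache filename = SHA-256 of the source file's full path (avoids user clashes)."""
    full = os.path.realpath(source_path)
    return os.path.join(cache_dir, hashlib.sha256(full.encode()).hexdigest() + ".cache")

def write_cache(cache_dir, source_path, compiled):
    """Store the source digest as a 32-byte header before the compiled payload."""
    with open(source_path, "rb") as f:
        digest = hashlib.sha256(f.read()).digest()
    fd, tmp = tempfile.mkstemp(dir=cache_dir)   # created mode 0600, owned by us
    with os.fdopen(fd, "wb") as f:
        f.write(digest + compiled)
    os.replace(tmp, cache_path(cache_dir, source_path))  # atomic publish

def load_cache(cache_dir, source_path, trusted_uid=None):
    """Return the cached payload, or None if the entry must not be trusted."""
    trusted_uid = os.geteuid() if trusted_uid is None else trusted_uid
    try:
        fd = os.open(cache_path(cache_dir, source_path), os.O_RDONLY | os.O_NOFOLLOW)
    except OSError:
        return None                      # missing, or a symlink at that name
    with os.fdopen(fd, "rb") as f:
        st = os.fstat(f.fileno())        # fstat the open fd, so check and read see one file
        if not stat.S_ISREG(st.st_mode) or st.st_uid != trusted_uid:
            return None                  # ownership check: not created by the trusted user
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return None                  # writable by others, contents could have changed
        data = f.read()
    with open(source_path, "rb") as f:
        if data[:32] != hashlib.sha256(f.read()).digest():
            return None                  # source-hash check: built from different source
    return data[32:]
```

The ownership check is what rejects a file planted by another user; the digest header only shows that the entry matches the current source, since anyone who can read the source can compute the same digest.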
