Hi,
On Fri, Apr 16, 2010 at 11:16:32AM +0200, David Sommerseth wrote:
> I'll look more into this, as the only advantage is that if open() with
> O_EXCL|O_CREAT fails if the file exists, it should be used instead.
Unfortunately, this won't help against symlink attacks directed to
non-existant files (like "-> /etc/nologin").
It *will* protect against symlink attacks to existing files (overwriting
/etc/passwd or something similarily nasty).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
