On Wed January 30 2008, Stefan Seyfried wrote: > If somebody managed to get a symlink where the logfile should be, you are > fscked. So i think this is less secure.
Btw. even with the old code, you would be fscked, because it would then be only a race condition. It is not guaranteed that nobody creates a symlink after the rm of it and before the exec is executed. Here the new patch is even more secure, e.g. when the file was once sucessfully created, e.g. in /var/tmp, it requires extra privilegies to create a symlink instead. Regards, Till
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Pm-utils mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/pm-utils
