The place to solve this is in whatever is using cat for this purpose.
check for the file type before blindly cat'ing.

this solution is like soaking your clothing with antiseptic every
morning because you are prone to stabbing yourself.


On Sun, Jul 19, 2015 at 8:26 AM, Ted Unangst <t...@tedunangst.com> wrote:
> Sevan Janiyan wrote:
>> The feature was actually added to ensure whatever cat was meant to be
>> reading from was indeed a plain file and not another which could block a
>> process.
>> "Use cat -f to avoid denial of service attacks by people who make
>> .rhosts files fifos."
>> http://mail-index.netbsd.org/source-changes/2000/01/14/0069.html
>
> hmm, well, security(8) in openbsd is a perl script that doesn't exec cat, so
> this wouldn't help solve that problem.
>
> now, looking at security, it seems there may be an issue if it tries to open a
> blocking file, but that will need solving there, not in cat.
>

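The check suggested at the top of this message (test the file type before reading, so a FIFO planted as `.rhosts` cannot block the reader), as an added example that is not code from the thread, from cat, or from security(8). The names `open_regular` and `try_sample`, the `EINVAL` error code and the temporary directory are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path for reading only if it is a regular file; return -1 otherwise.
 * O_NONBLOCK makes open() return at once on a FIFO that has no writer, and
 * fstat() on the descriptor checks the object actually opened, so there is
 * no window between a stat() and a later open(). */
int open_regular(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NONBLOCK);

    if (fd == -1)
        return -1;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode))
        return fd;          /* O_NONBLOCK has no effect on regular files */
    close(fd);
    errno = EINVAL;         /* assumed error code for "not a plain file" */
    return -1;
}

/* Constructed demo: create a sample ".rhosts" as a regular file or a FIFO in
 * a fresh temp directory; return 0 if it was accepted, else the errno. */
int try_sample(int as_fifo)
{
    char dir[] = "/tmp/rhosts-demo-XXXXXX", path[64];
    int fd, rc = 0;

    if (mkdtemp(dir) == NULL)
        return errno;
    snprintf(path, sizeof path, "%s/.rhosts", dir);
    if (as_fifo)
        mkfifo(path, 0600);
    else
        close(open(path, O_WRONLY | O_CREAT, 0600));
    fd = open_regular(path);
    if (fd == -1)
        rc = errno;
    else
        close(fd);
    unlink(path);
    rmdir(dir);
    return rc;
}
```

A shell test such as `[ -f file ] && cat file` leaves a gap between the check and the open; checking the already-open descriptor does not.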