The open() system call in f8 really broken...
Steve Dickson
SteveD at redhat.com
Thu Aug 16 15:38:21 UTC 2007
Jakub Jelinek wrote:
> Even a runtime warning is a wrong thing to do, aborting immediately is the
> only sane thing.
I guess I have different definition of sanity... 8-)
> If you let it through, it can create a file with random mode. Say if a root
> process creates a file with 4777 perms, do you really want to risk that
> while that process is scheduled away somebody copies a shell into that file
> and runs it?
Again.. just fail the open and put the decision of what to do in the
hands of the app... where it belongs...
steved.
More information about the Fedora-maintainers
mailing list