The open() system call in f8 really broken...

[Steve Grubb]

On Wednesday 15 August 2007 20:56:10 Steve Dickson wrote:
> Now If I'm not mistaken, its been legal since the 70s to use
> O_CREAT without a mode because (depending on the OS) the mode
> of parent directory will be used (or something similar)...

The problem is that without a mode being passed, the kernel uses whatever the 
stack contents are. And yes, its conceivable the stack contents could create 
a world writable setuid file which cannot ever be the intended operation.

-Steve