[10023] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: X11R6 NetBSD Security Problem

daemon@ATHENA.MIT.EDU (Kevin Vajk)
Mon Mar 29 12:19:37 1999

Date: 	Sun, 28 Mar 1999 19:01:41 -0800
Reply-To: Kevin Vajk <kvajk@RICOCHET.NET>
From: Kevin Vajk <kvajk@RICOCHET.NET>
X-To:         Matthieu Herrb <matthieu@laas.fr>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <14075.60480.760010.181394@gargle.gargle.HOWL>

This patch looks pretty good.  (Much better than the current situatiuon!!!)

A few comments:

On Fri, 26 Mar 1999, Matthieu Herrb wrote:
> +    if (errno == EEXIST) {
> +	if (stat(path, &buf) != 0) {

This should be lstat().

> +	if (S_ISDIR(buf.st_mode) && ((buf.st_mode & ~S_IFMT) == mode)) {
> +	    return 0;
> +	}
> +    }

I think you'll want to check the owner of the directory, too.

- Kevin Vajk
  <kvajk@ricochet.net>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[10023] in bugtraq

Re: X11R6 NetBSD Security Problem

daemon@ATHENA.MIT.EDU (Kevin Vajk)Mon Mar 29 12:19:37 1999

daemon@ATHENA.MIT.EDU (Kevin Vajk)
Mon Mar 29 12:19:37 1999