[6198] in bugtraq
Re: overwrite any file with updatedb
daemon@ATHENA.MIT.EDU (Kragen)
Mon Mar 2 17:31:32 1998
Date: Mon, 2 Mar 1998 15:16:41 -0500
Reply-To: Kragen <kragen@POBOX.COM>
From: Kragen <kragen@POBOX.COM>
X-To: Cain <cain@TASAM.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSF.3.96.980301224352.10578B-100000@tasam.com>
On Sun, 1 Mar 1998, Cain wrote:
> in /tmp called sort0<pid>000{1,2,etc}. Each is around 512k. The
On SunOS 5.5.1, the filenames are of the form /var/tmp/stmAAAa003M_aa,
and the files are typically smaller.
The M_ part, at least, appears to change from run to run, but it
doesn't change within a run.
Solaris 5.5.1 sort doesn't check for symlinks before it opens the file;
I have successfully overwritten a file in my home dir this way.
This is similar to the gcc bug.
Kragen
