Re: Bitkeeper licence issues

David S. Miller (davem@redhat.com)
Tue, 19 Mar 2002 15:45:02 -0800 (PST)


From: Larry McVoy <lm@bitmover.com>
Date: Tue, 19 Mar 2002 15:44:36 -0800

Hey Dave, are you suggesting that no such exploits exist in Red Hat's
rpm system? In order for that to be true, rpm would have to be making
sure that each and every directory along any path that it writes is
not writable except by priviledged users. I just checked, it doesn't.

We should be using mktemp() to make temporary files, and if we don't
that is a bug and I'd ask you to please submit a bugzilla entry about
it if so because that would be a serious hole.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/