To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=44886
------- Additional comments from [EMAIL PROTECTED] Mon Mar 14 09:57:38 -0800 2005 -------

The problem here is a "/tmp - vulnerable to symlink - race condition".

>> The worst thing that can happen is that the url is not opened by a browser /
>> mail client.

Correct, but additionally you can trick the user into overwriting one of his files in /tmp with the content of input variable "$1" :-)

In our case 'cde-open-url' writes to /tmp/$$.mailto, however a malicious user can already have created [1..32767].mailto (or the equivalent for $$.url) symlinks before 'cde-open-url' gets executed by the user working with OOo.

See also issue 7627: Larry W. Cashdollar gives a far better explanation concerning the symlink problem [Tue Sep 10 18:47:10 -0800 2002].

P.S.: These sorts of problems are also well discussed in German Linux Magazin April 05, pp. 65 ff (still available at the kiosk).

(I am willing to submit a patch, however this would be the first ever in my life and I guess you guys surely can fix this better than me, who would just be copying code from a newbie article ;-) )

---------------------------------------------------------------------
Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments.
http://qa.openoffice.org/issue_handling/project_issues.html#notification
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
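The predictable `$$.mailto` pattern this comment describes, shown beside a hardened form, as an added example that is not part of the original issue or of the cde-open-url script. The function names, the scratch directory and the sample values are constructed for illustration, and `mktemp` is assumed to be installed.

```shell
#!/bin/sh
# Added example: everything happens in a private scratch directory,
# never in the real /tmp. All names and values below are constructed.

# Pattern from the issue: the file name is derived from the PID ($$),
# so it can be guessed in advance. The ">" redirection follows an
# existing symlink and truncates whatever it points to.
write_predictable() {            # $1 = directory, $2 = content
    f="$1/$$.mailto"
    printf '%s\n' "$2" > "$f"
    printf '%s\n' "$f"
}

# Hardened form: mktemp chooses an unpredictable name and creates the
# file exclusively (O_CREAT|O_EXCL) with mode 0600, so a file or symlink
# that already exists is never reused. Testing [ -L "$f" ] before the
# write is not a substitute: the check and the write can still be raced.
write_safe() {                   # $1 = directory, $2 = content
    f=$(mktemp "$1/mailto.XXXXXX") || return 1
    printf '%s\n' "$2" > "$f"
    printf '%s\n' "$f"
}

# Constructed scenario: a symlink with the predictable name already
# exists and points at a file the user cares about. Prints that file's
# content after the chosen writer has run.
demo() {                         # $1 = predictable | safe
    scratch=$(mktemp -d) || return 1
    printf 'important data\n' > "$scratch/victim"
    ln -s "$scratch/victim" "$scratch/$$.mailto"
    "write_$1" "$scratch" 'mailto:someone@example.org' > /dev/null
    cat "$scratch/victim"
    rm -rf "$scratch"
}

echo "predictable name: victim now contains '$(demo predictable)'"
echo "mktemp:           victim now contains '$(demo safe)'"
```
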
