Karl?
Your cvs also shows 0666. I guess 0600 would be ok.
On Mit, 05 Okt 2005, Florian Weimer wrote:
> * Norbert Preining:
>
> > + fd = open (name, O_CREAT|O_EXCL|O_WRONLY, 0666);
>
> 0600? 0666 might lead to an information leak.
>
> > @@ -1615,14 +1626,15 @@
> > /* Return a newly-allocated string concatenating S1 and S2. */
>
> This comment is outdated after the patch.
Best wishes
Norbert
-------------------------------------------------------------------------------
Dr. Norbert Preining <preining AT logic DOT at> Università di Siena
sip:[EMAIL PROTECTED] +43 (0) 59966-690018
gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 B094
-------------------------------------------------------------------------------
BRECON
That part of the toenail which is designed to snag on nylon sheets.
--- Douglas Adams, The Meaning of Liff
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
