Hi Guillem, * Guillem Jover <[EMAIL PROTECTED]> [2008-07-09 09:19]: > This game creates the file projectL.prf on the current working dir > every time it's run. It should probably create it under a dot dir on > the home dir. Setting as important as this might be a security problem > (it might even well be RC).
The code that does this seems to be the following from br/prefmanager.d:
34 public void save(){
35 auto File fd = new File;
36 fd.create(PREF_FILE);
37 fd.write(VERSION_NUM);
38 _prefData.save(fd);
39 fd.close();
40 }
41 public PrefData prefData() {
42 return _prefData;
43 }
Anyone knows if this would follow symlinks and thus opening a symlink attack
here?
I have no idea of the d programing language.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpM7NDONBWQk.pgp
Description: PGP signature
