-----BEGIN PGP SIGNED MESSAGE----- On 9 Aug 1997, Carey Evans wrote: >> The only solution is to come up with a program that >> never follows syslinks, and checks that the i-node of the file it is >> removing remains the same. > >Actually, i-nodes can be recycled, so it isn't a good idea to depend >on that: The perl program that the discoverer of this security hole proposed will take care of this. It uses a lot of checks to make sure, the files to be deleted are the ones intended, and checking the inode number is only one of many tests.
Unfortunately I forgot the URL where I read about this Nils - -- \ / | Nils Rennebarth --* WINDOWS 42 *-- | Schillerstr. 61 / \ | 37083 Göttingen | ++49-551-71626 Micro$oft's final answer | http://www.nus.de/~nils -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQB1AwUBM+xqzVptA0IhBm0NAQFjDQL/ew6F2xXKldFd4jGNfopEyXDcxPmbtmLD SCp8l0zTmb+efcqWeSQx0W/tvZjhq0VEpvYIFoWYtwqXnGaYuZ9X5l6bhzxxsij2 n0Xyc4rSi4hoDbLaL8bpb2qPTWSHz0TW =N8PX -----END PGP SIGNATURE----- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .