Mark Hindess wrote: > The security section of the excellent Linux Weekly News (http://lwn.net) > this week has an article about "Exploiting symlinks and tmpfiles". > After reading it, I thought I'd take a look at the Harmony natives. I > am beginning to wish I hadn't ...
Well I'm glad that you did :-) <big snip/> > I have a patch for the unix now and I don't think it is as complicated > on windows but I'm just getting someone to check the patch before > committing it. After reading through your exploits it seems (a) surprising about the apparent inconsistency in the OS APIs, and (b) right to fix the current harmony behavior to avoid miscreant's taking advantage of it. Regards, Tim
