I think lisp calls to set-file-modes should also be checked carefully. Would you like to check some of them? The crucial question is, does a call to set-file-modes introduce a worse problem than what existed anyway. For instance, if someone could put a hardlink where you will chmod it, could he also put a hardlink where you will write the contents of the file? In cases where the latter problem exists, adding the former problem to it does not really make things any worse.
_______________________________________________ Emacs-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/emacs-devel
