On Thu, Jul 12, 2007 at 05:33:57PM +0200, Peter Stuge wrote: > On Thu, Jul 12, 2007 at 02:49:36PM +0200, Stefan Reinauer wrote: > > * Peter Stuge <[EMAIL PROTECTED]> [070712 09:50]: > > > Have a look. > > > > I think the better way would be to check the paths for ../ and skip > > those with a warning. > > Then there are the symlinks. :\
Yeah, this stuff is horribly hard to get right. Security issues like these are found even in really mature and stable software (coreutils, tar, etc.) again and again... Uwe. -- http://www.hermann-uwe.de | http://www.holsham-traders.de http://www.crazy-hacks.org | http://www.unmaintained-free-software.org
signature.asc
Description: Digital signature
-- linuxbios mailing list [email protected] http://www.linuxbios.org/mailman/listinfo/linuxbios
