https://bugzilla.mindrot.org/show_bug.cgi?id=2721
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Damien Miller <[email protected]> --- (In reply to Stefan Walter from comment #2) > The question of course is, can a malicious user on the system > exploit any race conditions in this process. sure - it's racy. I don't think sftp should attempt to do magic to work around filesystem corner cases, especially when rm(1) doesn't. OTOH we should offer users the ability to truncate a file themselves if we don't already. Does "put /dev/null file-to-delete" work to truncate? AFAIK it should because we open(.., O_TRUNC, ..) -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
