Hello, policyd-weight still did not check the working directory correctly.
1st: I assumed [ -L /foo/bar ] is the same as [ -L /foo/bar/ ] because the -L tells the file test what to look for. But in the latter form it is checked with S_IFDIR. We normalize the path with File::Spec->canonpath as s,/+$,, is not sufficient. 2nd: policyd-weight didn't check the ownership of real directories which might have been resulted in a race attack. Policyd-weight once gets the stat/lstat and reuses that information in order to provide some sort of atomicity of the check_symlnk() sub-routine. MD5 (policyd-weight) = 68373b7cfeda52b78df6229ed658771e SHA256 (policyd-weight) = 4245495685e516e00a363a97aaa17456f48c51fcbdb4458989a9d68db64083bc MD5 (policyd-weight-0.1.14.17.tar.gz) = c90128d2442ba343e8127dc0dbdcfd9a SHA256 (policyd-weight-0.1.14.17.tar.gz) = c13bac397cbd8c018b41686da4e4ce9450fb045752d7f0ab518d9836b39dbf36 -- Robert Felber (PGP: 896CF30B) Munich, Germany ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/