[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Potential security bug in fopen()
From: |
Ulrich Drepper |
Subject: |
Re: Potential security bug in fopen() |
Date: |
07 Feb 2001 13:23:55 -0800 |
User-agent: |
Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (Capitol Reef) |
Michael Sweet <address@hidden> writes:
> I've had several reports of a potential symlink attack on some code
> in CUPS; upon further investigation, it appears that fopen() is
> unlink'ing the named file when the open mode is "w".
fopen does nothing like this.
--
---------------. ,-. 1325 Chesapeake Terrace
Ulrich Drepper \ ,-------------------' \ Sunnyvale, CA 94089 USA
Red Hat `--' drepper at redhat.com `------------------------