bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial o

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial o

From:	Glenn Morris
Subject:	bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service
Date:	Sun, 30 Aug 2009 21:42:51 -0400
User-agent:	Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/)

David Bremner wrote:

> By default doc-view-mode makes a directory /tmp/docview$uid .  Since
> this is easily predictable, a malicious person could cause docview to
> fail simply by creating a directory with the same name. 

Couldn't they do the same thing by simply filling /tmp with junk, no
matter what filename is used?

(Emacs server also uses the same name every time AFAIK.)

[Prev in Thread]

Current Thread

[Next in Thread]

bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service, David Bremner, 2009/08/30
- bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service, Glenn Morris <=
  - bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service, Stefan Monnier, 2009/08/31

Prev by Date: Processed: control
Next by Date: bug#4287: reducing emacs size by more frequent garbage-collect calls in loadup.el
Previous by thread: bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service
Next by thread: bug#4291: 23.1; doc-view-mode temporary directory vulnerable to denial of service
Index(es):
- Date
- Thread