version 1.17, 1999/01/31 23:29:28 |
version 1.18, 1999/02/08 13:59:20 |
|
|
<li>For instance, both <code>fopen</code> and <code>freopen</code> |
<li>For instance, both <code>fopen</code> and <code>freopen</code> |
<strong>create a new file or open an existing file</strong> for |
<strong>create a new file or open an existing file</strong> for |
writing. An attacker may create a symbolic link from |
writing. An attacker may create a symbolic link from |
<code>/etc/paswd</code> to <code>/tmp/addrpool_dump</code>. The |
<code>/etc/passwd</code> to <code>/tmp/addrpool_dump</code>. The |
instant you open it, your password file is hosed. Yes, even with |
instant you open it, your password file is hosed. Yes, even with |
an <code>unlink</code> right before. You only narrow the window |
an <code>unlink</code> right before. You only narrow the window |
of opportunity. Use <code>open</code> with |
of opportunity. Use <code>open</code> with |