===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/Attic/porting.html,v
retrieving revision 1.11
retrieving revision 1.12
diff -c -r1.11 -r1.12
*** www/Attic/porting.html 1998/08/18 02:49:25 1.11
--- www/Attic/porting.html 1998/08/18 02:53:36 1.12
***************
*** 108,116 ****
a valid shell script, a syntax error message would follow, along with the
first line of the offending file, without any further permission check.
Pretty handy to grab the first line of a shadow passwd file, considering
! these often start with root entry. Once again, don't trust filenames:
! open your file, and do an fstat
on the open descriptor to
! check the actual rights.
popen
and system
.
--- 108,117 ----
a valid shell script, a syntax error message would follow, along with the
first line of the offending file, without any further permission check.
Pretty handy to grab the first line of a shadow passwd file, considering
! these often start with root entry. Do not open your file, and then do
! an fstat
on the open descriptor to check if you should have
! been able to open it (or the attacked will play with /dev/rst0 and rewind
! your tape) -- open it with the correct uid/gid/grouplist set.
popen
and system
.
***************
*** 298,303 ****