git://git.exim.org
/
users
/
jgh
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from:
bf83d8d
)
Protect against symlink attacks on MBX lockfile in /tmp as best we can:
author
Phil Pennock
<pdp@exim.org>
Sat, 29 May 2010 12:11:48 +0000
(12:11 +0000)
committer
Phil Pennock
<pdp@exim.org>
Sat, 29 May 2010 12:11:48 +0000
(12:11 +0000)
* if system supports O_NOFOLLOW, use it, protection complete
* else detect the attack "too late" and abort, where at worst an empty file
has been created as the attacked user
Our hands are tied by not changing the locking algorithm.
fixes: bug #989
No differences found
git://git.exim.org / users / jgh / exim.git / commitdiff