[Cgi-session-user] FW: Security issue about CGI::Session
Brought to you by:
sherzodr
Menu
▾
▴
[Cgi-session-user] FW: Security issue about CGI::Session
|
From: Sherzod R. <she...@ha...> - 2006-03-20 19:18:15
|
> -----Original Message----- > From: Julien Danjou [mailto:ju...@da...] > Sent: Monday, March 20, 2006 12:27 PM > To: Sherzod Ruzmetov > Subject: Security issue about CGI::Session > > > Hello, > > I just saw you released 4.09, fixing security holes. > However, it seems that at least the "file" driver is still > vulnerable, since it does not use the O_EXCL flag. What do you think ? > > Do you plan to fix this and the sqlite holes ? > > Regards, > -- > Julien Danjou > // <ju...@da...> http://julien.danjou.info > // 9A0D 5FD9 EB42 22F6 8974 C95C A462 B51E C2FE E5CD > // I'm no superman. > |
