Re: [Cgi-session-user] FW: Security issue about CGI::Session
Brought to you by:
sherzodr
Menu
▾
▴
Re: [Cgi-session-user] FW: Security issue about CGI::Session
|
From: Matt L. <mle...@cp...> - 2006-03-21 23:02:24
|
Kenneth, Good point. I've submitted yet another patch that checks to make certain the file opened is not a symlink. Now that I've reread the documentation for sysopen, it seems O_EXCL is only effective if it's paired with O_CREAT. I've verified that O_RDONLY|O_EXCL follows symlinks on three operating systems. Anyway, I'm currently writing new tests to make certain the file and db_file drivers protect against symlinks. Thanks, Matt LeBlanc Kenneth Porter wrote: > On Tuesday, March 21, 2006 2:17 PM -0600 Matt LeBlanc > <mle...@cp...> wrote: > >> This is why the code now checks for symlinks prior to opening the file >> for writing and attempts to delete the file and returns an error if >> failing the deletion. > > Don't you still have a window of vulnerability between the delete and > create when a malicious local process could recreate the symlink? > |
