[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security vulnerability in automake
From: |
Bruce Korb |
Subject: |
Re: Security vulnerability in automake |
Date: |
Fri, 07 Jun 2002 13:36:59 -0700 |
Allan Clark wrote:
>
> This is really not an issue;
There are a lot of sloppy people around.
I had a make check test divert its output to /dev/null,
only the test also changed the permissions of the output
file, too. Someone complained that /dev/null became r--r--r--.
It might be useful to choke on non-install targets when
the uid is zero? *sigh* "If it hurts, don't do it." :-)