Re: Symlink Vulnerability in GNU libtool <1.5.2

bug-libtool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Symlink Vulnerability in GNU libtool <1.5.2

From:	Stefan Nordhausen
Subject:	Re: Symlink Vulnerability in GNU libtool <1.5.2
Date:	Sat, 07 Feb 2004 00:55:54 +0100
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113

Bob Friesenhahn wrote:

You are assuming that $RANDOM is portable and functional across all
Bourne-like shells.

For shells that don't implement $RANDOM it will simply be anuninitialized variable which defaults to "". That means you will get"$tmpdir/libtool-$$..." as a directory name.


Regards
Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Symlink Vulnerability in GNU libtool <1.5.2, Joseph S. Myers, 2004/02/03
- Re: Symlink Vulnerability in GNU libtool <1.5.2, Scott James Remnant, 2004/02/03
  - Re: Symlink Vulnerability in GNU libtool <1.5.2, Gary V . Vaughan, 2004/02/03
- Re: Symlink Vulnerability in GNU libtool <1.5.2, Stefan Nordhausen, 2004/02/04
  - Re: Symlink Vulnerability in GNU libtool <1.5.2, Bob Friesenhahn, 2004/02/04
    - Re: Symlink Vulnerability in GNU libtool <1.5.2, Stefan Nordhausen <=
- Re: Symlink Vulnerability in GNU libtool <1.5.2, jsm, 2004/02/04
- RE: Symlink Vulnerability in GNU libtool <1.5.2, Muders, Thomas, 2004/02/05

Prev by Date: cheap víagra
Next by Date: ALERT - GroupShield ticket number OA1494_1076111425_SVCH04_1 was generated
Previous by thread: Re: Symlink Vulnerability in GNU libtool <1.5.2
Next by thread: Re: Symlink Vulnerability in GNU libtool <1.5.2
Index(es):
- Date
- Thread