Re: [Full-disclosure] Symlink vulnerabilities

bugs@xxxxxxxxxxx wrote:



Maybe I should use bashbug to report a bug in bashbug?

I took a quick look, it's actually using mkdir to create a temporary
directory in /tmp, which it uses for collecting support files.

This is actually a safe way to use /tmp, assuming you check the return code
of mkdir (which it does). The mkdir() system call behaves very differently
to open(), and is not vulnerable to these attacks.


taviso@xxxxxxxxxxxxx | pgp encrypted mail preferred

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -