| commit | 741b1a151c9dbd3cb4d61e9f741ec2b73dc71cfc | |
| author | kevind <kevind> | |
| Sun, 20 May 2001 19:41:47 +0000 (20 19:41 +0000) | ||
| committer | kevind <kevind> | |
| Sun, 20 May 2001 19:41:47 +0000 (20 19:41 +0000) | ||
| tree | 5abeed867affbad0df3ed513d311b73abe3bc62d | treesnapshot (tar.gz zip) |
| parent | 61ff089fd901e5052af4afc8f05b2b251fcde393 | commitdiff |
* find/find.c: Fixed security holes. 1. There is a race
condition between the lstat() to detect a symbolic link and the
actual chdir(). 2. An attacker can move directories while find
is _inside_ so that chdir(..) goes out of the intended file tree.
condition between the lstat() to detect a symbolic link and the
actual chdir(). 2. An attacker can move directories while find
is _inside_ so that chdir(..) goes out of the intended file tree.
| find/find.c | diffblobblamehistory |