Bugtraq mailing list archives
Re: XFree86 3.1.2 Security Problems
From: nreadwin () london micrognosis com (Neil Readwin)
Date: Sat, 3 Feb 1996 01:44:45 +0000
Anthony C. Zboralski writes:
Maybe someone could take a look at the server sources so it does a system("/bin/rm /tmp/.tX0-lock") just before it a write to the file..
That doesn't fix it since it leaves a race condition that could be exploited using something like ... while(stat(TmpFile, &fileinfo) == 0) ; symlink(TargetFile, TmpFile); -- nreadwin () micrognosis co uk Phone: +1 908 855 1221 x519 Anything is a cause for sorrow that my mind or body has made
Current thread:
- Re: XFree86 3.1.2 Security Problems Neil Readwin (Feb 02)