Subject: Re: Security "hole"?
To: Peter Seebach <firstname.lastname@example.org>
From: Chris Pinnock <email@example.com>
Date: 07/10/2001 08:17:38
On Mon, Jul 09, 2001 at 10:25:22AM -0500, Peter Seebach wrote:
> So, FreeBSD had a security patch (or two) a while back involving fts_read.
> Basically, the bug involved moving a directory *while* fts was traversing
> it, and could result in things like "rm -r" hopping *out* of the directories
> they were started in!
> So... There's nothing in our fts.c (or __fts13.c) that looks similar to the
> FreeBSD patch.
> Not applicable? Already fixed? Not worth worrying about?
I believe that Christos Zoulas patched the relevant file a few weeks
ago, but I can't be sure. best wishes,