CVS commit: basesrc

To: source-changes%netbsd.org@localhost
Subject: CVS commit: basesrc
From: Christos Zoulas <christos%netbsd.org@localhost>
Date: Tue, 5 Jun 2001 20:05:12 +0300 (EEST)

Module Name:    basesrc
Committed By:   christos
Date:           Tue Jun  5 17:05:12 UTC 2001

Modified Files:
        basesrc/lib/libc/gen: __fts13.c

Log Message:
Fix problem reported by Kris Kennaway <kris%obsecurity.org@localhost>; In
the default case fts(3) uses chdir("..") to ascend the tree. The
sequence of chdir's can be intercepted by a malicious user who
moves a subtree that fts is currently traversing to a higher level,
thus making fts operate outside it's original starting directory.


To generate a diff of this commit:
cvs rdiff -r1.32 -r1.33 basesrc/lib/libc/gen/__fts13.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: Re: CVS commit: basesrc
Next by Date: CVS commit: basesrc
Previous by Thread: CVS commit: basesrc
Next by Thread: CVS commit: basesrc
Indexes:

Home | Main Index | Thread Index | Old Index