Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
From: Greg Hudson <firstname.lastname@example.org>
Date: 01/02/1997 10:28:23
So, people have been saying things like:
>>> Maybe I'm missing something here, but it seems to me that there are
>>> times that you don't want to follow symlinks.
> Yeah, there are. :-)
Name one. "Cleaning up /tmp and /var/tmp" is not an example because
/tmp, /var, or /var/tmp might themselves be symlinks (both /var and
/tmp are symlinks in the installation scripts I support at MIT, for
instance). We have established that, using fchdir(), you can avoid
following symlinks within /tmp, so there is no reason to muck with the
kernel to get around this security hole.