Subject: Re: CRITICAL ** Holes in default cron jobs ** CRITICAL
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Holo.Rodents.Montreal.QC.CA>
List: current-users
Date: 12/30/1996 16:25:33
> Hmm. Wouldn't a `-rm' (or maybe `-unlink') option to `find' be the
> right way to close this hole?

> (find would presumably wander around the hierarchy using
> chdir/fchdir, and thus would only pass single-component pathnames to
> unlink()).

It'd work, for fixing this particular instantiation of this hole.  But
it would not work for applications that want to do anything but
removing the entry (presumably you'd add -rmdir as well).

Also, the code to walk the hierarchy properly would be _very_ unsimple.
(Primarily because you can have _far_ more pathname components - ie,
directories you have to walk down and back up through - than you have
file descriptors available.  File descriptor limit seems to be 344 on
the system I have handy, but MAXPATHLEN is more like 10K, meaning you
can need up to 5K pending directories.)

					der Mouse

		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B