Subject: Re: Security "hole"?
To: Peter Seebach <seebs@plethora.net>
From: Chris Pinnock <cjep@fawlty.net>
List: current-users
Date: 07/10/2001 08:17:38
On Mon, Jul 09, 2001 at 10:25:22AM -0500, Peter Seebach wrote:
> So, FreeBSD had a security patch (or two) a while back involving fts_read.
> Basically, the bug involved moving a directory *while* fts was traversing
> it, and could result in things like "rm -r" hopping *out* of the directories
> they were started in!
> 
> So... There's nothing in our fts.c (or __fts13.c) that looks similar to the
> FreeBSD patch.
> 
> Not applicable?  Already fixed?  Not worth worrying about?

I believe that Christos Zoulas patched the relevant file a few weeks 
ago, but I can't be sure. best wishes,
-- 
Chris