Circa 2003-02-05 12:45:16 +0000 dixit Philip Hazel:
: On Wed, 5 Feb 2003, Sheldon Hearn wrote:
:
: > A local user can fool Exim into overwriting any group mail owned file on
: > the filesystem if
: >
: > a) the user can write to a directory in which Exim tries to write a
: > file,
: > b) Exim tries to write that file with a predictable filename,
: > c) Exim uses a predictable filename, and
: > d) Exim accidentally follows a symlink.
:
: True. That's exactly why Exim forbids symlinks for single-file
: mailboxes, which of course have predictable (= fixed) file names.
:
: But for maildir deliveries, Exim insists on writing a new file (by using
: O_CREAT). So I don't see that it matters whether the name is
: predictable or not.
<PEDANTIC alt="confirming semantics">
I hope you mean 'O_CREAT | O_EXCL'. (O_CREAT by itself merely creates
the file if it doesn't already exist before opening it, whereas with
both together, open() will fail if the file already exists).
</PEDANTIC>
- --
jim knoble | jmknoble@??? |
http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable." --Enik the Altrusian