[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug#149454: uudecode bug (?)
From: |
martin f krafft |
Subject: |
Re: Bug#149454: uudecode bug (?) |
Date: |
Tue, 9 Jul 2002 14:44:25 +0200 |
User-agent: |
Mutt/1.3.28i |
also sprach Paul Eggert <address@hidden> [2002.07.09.1415 +0200]:
> The same reason it is not a security bug if "sh" does follow symlinks.
> You can't trust shar files; nor can you trust uuencoded files. If you
> are given an untrustworthy file to uudecode and do not wish to inspect
> it, you should always invoke uudecode with the -o option.
>
> POSIX 1003.1-2001 requires that uudecode must overwrite existing files
> rather than removing them. This includes following symbolic links to
> existing files. For details, please see:
> <http://www.opengroup.org/onlinepubs/007904975/utilities/uuencode.html>.
thanks for your time and explanation. you should know that i am really
just a proxy in this debate, and while i usually try to be a 'caching'
proxy in such cases, i myself don't yet understand your point fully.
do you mean that POSIX differentiates between overwriting and
replacing? i'd define the first as inode preserving, the second as
creating a new inode while dropping the old.
i did read the URL you posted, as well as the uudecode.html file, and
it does mention overwrite rather than replace. given that and the
posix definition, i am willing to argue that uudecode doesn't contain
a bug wrt the standard.
nevertheless, i still don't see the rationale behind this behaviour.
if you do have a spare minute, would you mind ensuring that i grasp
just why uudecode must overwrite while tar replaces?
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" address@hidden
today, i will gladly share my experience and advice,
for there are no sweeter words than "i told you so."
pgpO1sVbGi6nq.pgp
Description: PGP signature
- Re: Bug#149454: uudecode bug (?), martin f krafft, 2002/07/09
- Re: Bug#149454: uudecode bug (?), Santiago Vila, 2002/07/09
- Re: Bug#149454: uudecode bug (?), martin f krafft, 2002/07/09
- Re: Bug#149454: uudecode bug (?), Andreas Schwab, 2002/07/09
- Re: Bug#149454: uudecode bug (?), martin f krafft, 2002/07/09
- Re: Bug#149454: uudecode bug (?), Paul Eggert, 2002/07/09
- Re: Bug#149454: uudecode bug (?),
martin f krafft <=
- Re: Bug#149454: uudecode bug (?), Paul Eggert, 2002/07/09
- Re: Bug#149454: uudecode bug (?), martin f krafft, 2002/07/10
- Re: Bug#149454: uudecode bug (?), Paul Eggert, 2002/07/10