[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Re: ...vulnerability in Lynx...
|
From: |
Alan Cox |
|
Subject: |
Re: LYNX-DEV Re: ...vulnerability in Lynx... |
|
Date: |
Fri, 9 May 1997 09:10:05 +0100 (BST) |
> AFAIK this is just a (maybe informed) guess.
>
> This problem is not one specific to Lynx (although Lynx makes it more
> visible than other programs). Maybe we are taking ourselves too
> important if we expect a CERT advisory specifically dedicated to Lynx...
Wrong on that count. There has been at least one request fro a Linux
vendor to bash through an advisory. CERT won't themselves generally do an
advisory until there is a fix btw - its not generally in people's interest
to tell the whole world "Hey its broken - no fix"
> (2) *I* still don't know what that "something" is that would
> (a) be generally acceptable (forcing temp dirs under $HOME isn't, IMHO),
> (b) actually solve the problem without relying on other things
> (sticky bit or similar).
Take the existing code and move the temp files. Nothing else for now.
Alan
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV Re: ...vulnerability in Lynx..., (continued)
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Foteos Macrides, 1997/05/07
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Brian Tillman, x8425, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Scott McGee (Personal), 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Larry W. Virden, x2487, 1997/05/08
Re: LYNX-DEV [Fwd: BoS: A vulnerability in Lynx (all versions)], Hynek Med, 1997/05/09