lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Re: ...vulnerability in Lynx...

From: Larry W. Virden, x2487
Subject: Re: LYNX-DEV Re: ...vulnerability in Lynx...
Date: Thu, 8 May 1997 20:26:01 -0400 
>  ] Warnings about whether /tmp is "sticky" could badly mislead the user.
>  ] Not every Unix system understands the sticky bit on a directory to mean
>  ] "only owner can delete a file".  Lynx would be announcing a false
>  ] solution.
> 
> The problem is still there, without regard to whether the operating 
> system supports that particular means of solving it.  It need not
> announce a solution.

Perhaps the best approach is for configure to set a flag indicating
sticky directories or not.  Then, in lynx, 
if sticky directories supported, but the directory to be used isn't sticky
        lynx won't run.

if no sticky directories supported, and the directory to be used isn't
        owned by the user and only writable by the user, and the directories
        above it are not only writable by administrators or the user, then
        lynx won't run
        
-- 
Larry W. Virden                 INET: address@hidden
<URL:http://www.teraform.com/%7Elvirden/> <*> O- "We are all Kosh."
Unless explicitly stated to the contrary, nothing in this posting should 
be construed as representing my employer's opinions.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]