[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev rc save bug
|
From: |
Philip Webb |
|
Subject: |
Re: lynx-dev rc save bug |
|
Date: |
Wed, 7 Oct 1998 17:31:15 -0400 (EDT) |
981007 Thomas Dickey wrote:
> a link set up as described should be from a directory
> that isn't world writable.
> afaik, there's no reliable way to determine if that directory is owned
> by a privileged user: even '0' for root's is not universal
> in the quasi-Unix clones, but I decided to neglect those: they're very rare.
> But, like Bela, I'm curious who owns the directory where the link is
> (sounds like "/" - which should be owned by root -
> the convention afaik is to have root own all of the nonvolatile stuff,
> and privileged "users" such as "bin" and "news" own facilities).
users' directories are kept on a number of disk units,
whose physical names are replaced by symbolic links
-- /homes/purslow/ = /homefs/u0/purslow/ -- ;
anything found under either must belong to the user purslow :
why on earth would anyone want to write a Lynx function
which interpreted it in any other way?
this is a good university system with an overworked sysadmin,
who doesn't have the right strace & still has Lynx 2-6 as public version.
there's little reason for anyone to get neurotic about security,
as users are generally grown-up enough not to cause damage
even in some rare case of student hacking,
besides which i assume there is security software
to keep track of what users get upto & identify misbehaving individuals.
after having spent 2 days trying to get the problem taken seriously
& doing the leg-work myself -- with good advice from BL & TD -- ,
i am not a little irritated to discover that i have been caused inconvenience
by something designed for people who choose to make their Lynx available
to all & sundry out in the unwashed & ill-behaved World:
people who run computer systems like that get what they deserve IMHO.
>> thanx lots to you for helping, tho' your fix doesn't work (below):
> It should - the code goes through one point
> (maybe this is a different problem).
see my other message about how to really fix it for now:
in the end, with some help, i did it myself.
we should get to the bottom of the problem,
now it's been demonstrated it's not a piece of imagination.
--
========================,,============================================
SUPPORT ___________//___, Philip Webb : address@hidden
ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies
TRANSIT `-O----------O---' University of Toronto
- Re: lynx-dev rc save bug, (continued)
- Re: lynx-dev rc save bug, Philip Webb, 1998/10/07
- Re: lynx-dev rc save bug, dickey, 1998/10/07
- Re: lynx-dev rc save bug, Bela Lubkin, 1998/10/07
- Re: lynx-dev rc save bug, dickey, 1998/10/07
- Re: lynx-dev rc save bug, Bela Lubkin, 1998/10/07
- Re: lynx-dev rc save bug, dickey, 1998/10/07
- Re: lynx-dev rc save bug,
Philip Webb <=
- Re: lynx-dev rc save bug, dickey, 1998/10/07
- Re: lynx-dev rc save bug, Bela Lubkin, 1998/10/08
- Re: lynx-dev rc save bug, Bela Lubkin, 1998/10/09