:There is nothing to fix. Sometimes 'make install' instead 'make
:installworld' typed can produce this. Of course, install procedure can be
:complicated to make it foolprof, but I think the system must be fixed
:instead to not resolve illegal names. It is not good idea to
:produce workarounds of illegal names out of the system.
:
:--
:Andrey A. Chernov
Ok, I took a look at Bruce's original example, which is:
ln -s "" X
If you were to then do something like "ls -la X/." you would get
the root directory, and "ls -la X/" tries to list the current
directory, and "cp -r X Y" tries to recursively copy the current
directory, and fails.
I think we can safely disallow path lookups going through empty symlinks
(i.e. at the time of the open(), lstat(), etc...), but we should not
go changing the "ln" command or the symlink() system call.
In regards to Bruce's second example:
$ rm -f foo
$ ln -s /nonesuch foo
$ cp foo bar
Well, ok, if what the symlink points to does not exist 'cp' goes and
copies the symlink instead. This seems harmless to me.
I still don't see how any of this is a security issue, though.
-Matt
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
