[w3m-dev 00893] [security hole?] /tmp as rc_dir

From: Hironori Sakamoto (hsaka@mth.biglobe.ne.jp)
Date: Sun Jun 11 2000 - 13:14:05 CDT


This is Sakamoto.

The code that falls back to /tmp when ~/.w3m cannot be opened
may be subject to a symbolic link attack, so it is slightly problematic from a security standpoint.
# For example, if someone sets up something like
# ln -s (some file with mode 777) /tmp/cookie
# then anyone can see the cookie.

I think we need to use something like /tmp/username and, in addition (in the ~/.w3m case too),
check that it is mode 700.
# If the mode is not 700, I think it would be better to print a warning and exit.
# Strictly speaking, we may even have to check whether the sticky bit is set on /tmp,
# but that does feel like going a bit too far.

I am not a security expert, so I don't know how serious this is...
It might be better to ask on a Linux or FreeBSD security-related mailing list or the like.
-----------------------------------
Hironori Sakamoto (坂本 浩則) <hsaka@mth.biglobe.ne.jp>
 http://www2u.biglobe.ne.jp/~hsaka/


