Mercurial > emacs
view info/.arch-inventory @ 107762:2d36607da023
Fix permissions handling (CVE-2010-0825).
* movemail.c (main): Check return values of setuid. Avoid
possibility of symlink attack when movemail is setgid mail
(CVE-2010-0825).
| author | Chong Yidong <cyd@stupidchicken.com> |
|---|---|
| date | Fri, 02 Apr 2010 11:24:16 -0400 |
| parents | a33e80b6ae49 |
| children |
line wrap: on
line source
# There are only three real source files in this directory: # # "dir", ".cvsignore", and this file, ".arch-inventory" # Everything else is generated at compile time. Unfortunately, the "backup" # category overrides the "source" category, so we have to have horrible # regexp that matches everything _except_ "dir"... # 1 or 2 characters long backup ^[a-zA-Z0-9][-_.a-zA-Z0-9]?$ # 4 or more characters long backup ^[a-zA-Z0-9][-_.a-zA-Z0-9][-_.a-zA-Z0-9][-_.a-zA-Z0-9]+$ # 3 chars long, but 1st char not "d" backup ^[abce-zA-Z0-9][-_.a-zA-Z0-9][-_.a-zA-Z0-9]$ # 3 chars long, but 2nd char not "i" backup ^[a-zA-Z0-9][-_.a-hj-zA-Z0-9][-_.a-zA-Z0-9]$ # 3 chars long, but 3rd char not "r" backup ^[a-zA-Z0-9][-_.a-zA-Z0-9][-_.a-qs-zA-Z0-9]$ # arch-tag: 60144ab9-cdc1-45b6-8193-b9683c80ec86