comparison doc/gtklog-signals.dox @ 13659:a92263b13380

[gaim-migrate @ 16061] silcgaim_check_silc_dir() checks to make sure the user's private key has permission 0600. If it doesn't, it chmod's the file. Nathanael Hoyle pointed out the totally absurd scenario where, if Gaim is suid root, someone could replace the private key with something else between the fstat and the chmod so that the file permissions are changed on a file that the user wouldn't otherwise have access to. He also suggested a fix along the lines of this one. Ethan said this still isn't totally safe, but it should be a little better, and I don't really care anyway because you'd have to be a moron to run Gaim with the suid bit set in the first place. committer: Tailor Script <tailor@pidgin.im>
author Mark Doliner <mark@kingant.net>
date Wed, 19 Apr 2006 02:12:45 +0000
parents cb36bc2db7c5
children 8cf53d7a0887
comparison
equal deleted inserted replaced
13658:788580688610 13659:a92263b13380