Mercurial > pidgin
view doc/log-signals.dox @ 13659:a92263b13380
[gaim-migrate @ 16061]
silcgaim_check_silc_dir() checks to make sure the user's private
key has permission 0600. If it doesn't, it chmod's the file.
Nathanael Hoyle pointed out the totally absurd scenario where, if
Gaim is suid root, someone could replace the private key with
something else between the fstat and the chmod so that the file
permissions are changed on a file that the user wouldn't otherwise
have access to. He also suggested a fix along the lines of this
one.
Ethan said this still isn't totally safe, but it should be a little
better, and I don't really care anyway because you'd have to be a
moron to run Gaim with the suid bit set in the first place.
committer: Tailor Script <tailor@pidgin.im>
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Wed, 19 Apr 2006 02:12:45 +0000 |
| parents | a1e241dd50b6 |
| children | f94309c7c480 |
line wrap: on
line source
/** @page log-signals Log Signals @signals @signal log-timestamp @endsignals <hr> @signaldef log-timestamp @signalproto char *(*log_timestamp)(GaimConversation *conv, struct tm *tm); @endsignalproto @signaldesc Emitted to allow plugins to customize the timestamp on a message being logged. @param log The log the message belongs to. @param tm The time to be converted to a string. @return A textual representation of the time, or @c NULL to use a default format. @note Plugins must be careful of logs with a type of GAIM_LOG_SYSTEM. @endsignaldef */ // vim: syntax=c tw=75 et