Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Markus Friedl (markus.friedlinformatik.uni-erlangen.de)
Date: Thu Jun 07 2001 - 16:16:40 CDT
On Wed, Jun 06, 2001 at 02:33:23PM +0300, Peter Pentchev wrote:
> > > Are you using X forwarding? (ie, ssh -X)
> Yes, disabling X forwarding would be an easy workaround.
> Can somebody, however, test if the following patch resolves the problem?
> It certainly does for me..
> Well, ok, so there is still a race condition between the stat() and unlink()
> in the cleanup procedure.. but since there is no funlink() yet, I do not
> really think this one can be resolved :( And besides, there's a *much*
> smaller window of opportunity there.
i think it's simpler to switch uids when removing the cookie file.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message