[bug #13853] creation of archive with attachments writes over symlinks

2005-12-20 13:51:04

Follow-up Comment #5, bug #13853 (project mhonarc):

Possible fixes that can be applied:

1 Add a FOLLOWSYMLINKS resource that tells mhonarc to leave
  symlinks alone.  This would have to be explicitly enabled.

2 Check the user ID of the symlink to see if it matches the
  pid of the mhonarc process.  If so leave symlink alone.

3 Along with the previous check, check if the symlink uid
  matches the uid of the containing directory.  If they match,
  leave it alone.  With the previous check, both would have
  to pass to leave the symlink alone.

(2) and (3) may be sufficient for security reasons and avoid
the need for FOLLOWSYMLINKS, except for certain use cases.
I.e. All of the above can be done, with (2) and (3) added as
the default and (1) only done when explicitly enabled.  (1)
would bypass any ID checks.



Reply to this item at:


  Message sent via/by Savannah

To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the

<Prev in Thread] Current Thread [Next in Thread>