Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Nov 2017 20:46:58 -0800
From: Ian Zimmerman <>
Subject: Re: Security risk of server side text editing ...

On 2017-11-28 21:05, Michael Orlitzky wrote:

> Editing a file in-place should not create *another* file in the
> current directory with a different name/suffix. I realize that's
> subjective, but a lot of (even long time) users will tell you that no
> way in hell did they expect that to happen.

Maybe, but I think editors have done this from time immemorial.  Compare
for instance the comments on the limits of locking on p. 456 of Stevens
& Rago.

Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ