httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Garey Smiley" <ga...@main.slink.com>
Subject Re: small security hole in accept_mutex_init
Date Sat, 28 Dec 1996 18:56:45 GMT
On Fri, 27 Dec 1996 18:47:38 -0500 (EST), Chuck Murcko wrote:

>I'm +1 for adding O_EXCL to the popenf() flags, unless someone knows of
>an OS not supporting this. This should be in 1.2.
>
>Gary, what about OS/2? Is this copacetic there?
>
>Marc Slemko liltingly intones:
>> 
>> In http_main.c there is:
>> 
>> 	accept_mutex_init(pool *p)
>> 	{
>> 	    char lock_fname[30];
>> 
>> 	    strcpy(lock_fname, "/usr/tmp/htlock.XXXXXX");

If we can make the destination directory configurable for the above
line it should work.


Garey Smiley
SoftLink Services
garey@slink.com
http://www.slink.com/
(330)848-1312 FAX/Data(330)699-4474

Mime
View raw message