httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Garey Smiley" <ga...@main.slink.com>
Subject Re: small security hole in accept_mutex_init
Date Sat, 28 Dec 1996 19:59:26 GMT
On Sat, 28 Dec 1996 13:00:04 -0700 (MST), Marc Slemko wrote:

>> >I'm +1 for adding O_EXCL to the popenf() flags, unless someone knows of
>> >an OS not supporting this. This should be in 1.2.
>> >
>> >Gary, what about OS/2? Is this copacetic there?
>> >
>> >Marc Slemko liltingly intones:
>> >> 
>> >> In http_main.c there is:
>> >> 
>> >> 	accept_mutex_init(pool *p)
>> >> 	{
>> >> 	    char lock_fname[30];
>> >> 
>> >> 	    strcpy(lock_fname, "/usr/tmp/htlock.XXXXXX");
>> 
>> If we can make the destination directory configurable for the above
>> line it should work.
>
>Shouldn't matter for OS/2, since accept_mutex_init will only be compiled
>for systems matching one of: 
>
>	#elif defined(SOLARIS2)
>	#elif defined(IRIX)
>	#elif defined(LINUX)
>	#elif defined(SCO5)
>	#elif defined(SVR4)
>	#elif defined(DGUX)
>	#elif defined(__FreeBSD__) || defined(__bsdi__)
>	#elif defined(UXPDS)
>
>Solaris 2.x, IRIX, Linux, FreeBSD, BSDI definitely support O_EXCL.  

OS/2 also supports O_EXCL.


Garey Smiley
SoftLink Services
garey@slink.com
http://www.slink.com/
(330)848-1312 FAX/Data(330)699-4474

Mime
View raw message