[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Accepted lynx 2.8.5-2sarge2.2 (source i386)

* Thomas Dickey:

> It's a #define.  But the change to use the home directory is in the
> wrong place.  I'd point out that it doesn't solve the problem, and
> that the program is still subject to the same issue as reported, [...]

This is not correct.  Gracious write operations to the home directory
are considered a security problem, but file creation in other
directories does not share this problem.  Unless software
automatically interprets certain files in the current directory, which
is a very bad thing to do for that reason.

It seems to me that the patch should be changed to prepend the home
directory if the configured path is not absolute (that is, does not
start with a slash).

Reply to: