Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability

To: Joey Hess <joeyh@debian.org>, 77257@bugs.debian.org
Cc: Herbert Xu <herbert@gondor.apana.org.au>, debian-security@lists.debian.org, debian-bugs-dist@lists.debian.org, Josip Rodin <jrodin@jagor.srce.hr>
Subject: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
From: Alexander Viro <viro@math.psu.edu>
Date: Mon, 20 Nov 2000 00:21:35 -0500 (EST)
Message-id: <[🔎] Pine.GSO.4.21.0011192326470.26267-100000@weyl.math.psu.edu>
In-reply-to: <[🔎] 20001119194840.H29727@kitenet.net>


On Sun, 19 Nov 2000, Joey Hess wrote:

> Herbert Xu wrote:
> > On Sat, Nov 18, 2000 at 11:26:13AM -0500, Jacob Kuntz wrote:
> > > 
> > > what's wrong with the current practice of putting deadjoe in the current
> > > directory?
> > 
> > cwd == /tmp
> 
> Belive it or not, it is actually possible to write files to /tmp
> securely. It's pretty silly to contemplating changing the bahavior of
> joe when it can just be fixed.

a) take a look at /etc/init.d/bootmisc.sh. Around "Cleaning: /tmp", that is.
b) several editing sessions in parallel.

Reply to:

Follow-Ups:
- Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
  - From: Joey Hess <joeyh@debian.org>

References:
- Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
Next by Date: Re: task-unstable-security-updates?
Previous by thread: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
Next by thread: Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability
Index(es):
- Date
- Thread