[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#88055: security hole in joe

On Thu, Mar 01, 2001 at 03:13:14AM +0100, Josip Rodin wrote:
> [joy@pork:/tmp]% echo '-help' > .joerc
> [joy@pork:/tmp]% joe foo
> Processing '.joerc'...done
> zsh: segmentation fault (core dumped)  joe foo


> I wonder what's the best fix for this bug... check ownership of ./.joerc
> file before trying to read it? Not read it at all?

OpenBSD fixed this in thier joe some time ago by not reading ./.joerc
at all.  they read ~/.joerc, /etc/joe/joerc and

Ethan Benson

Attachment: pgpYPaYejz5Nv.pgp
Description: PGP signature

Reply to: