Date: prev next · Thread: first prev next last
2011 Archives by date, by thread · List index


On Wed, Jul 13, 2011 at 09:16:33AM -0600, Tor Lillqvist wrote:
Do we really want to have those access() checks there?

I am not evil enough to think of a way to abuse that code (insert maniacal laughter), but in 
general, isn't that exactly the kind of coding that could be a security vulnerability? (TOCTTOU 
seems to be the technical term, http://en.wikipedia.org/wiki/Time-of-check-to-time-of-use )

These were added by Caolán; I've no strong feeling about them.

Caolán, is there a special reason you added the access() checks ?

-- 
Francois Tigeot

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.