On Wed, Jul 13, 2011 at 09:16:33AM -0600, Tor Lillqvist wrote:
Do we really want to have those access() checks there?
I am not evil enough to think of a way to abuse that code (insert maniacal laughter), but in
general, isn't that exactly the kind of coding that could be a security vulnerability? (TOCTTOU
seems to be the technical term, http://en.wikipedia.org/wiki/Time-of-check-to-time-of-use )
These were added by Caolán; I've no strong feeling about them.
Caolán, is there a special reason you added the access() checks ?
--
Francois Tigeot
Context
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.