<<< Date Index >>>     <<< Thread Index >>>

Re: [patch] Re: security problem with temp files [was Re:



On Thursday, October  5 at 10:27 AM, quoth Derek Martin:
I will also note that both unlink() and rmdir() can fail in
mutt_put_file_in_place.  The call to unlink fails trivially (i.e. in
the case of hardware failure, generally),

Unless your mailboxes/temp-space happen to be on a networked filesystem like NFS or AFS. Then unlinking can fail without hardware failure. When considering syscalls, anything that *can* fail, probably has a good reason for failing in at least one case.

If the rmdir fails, it could signal
something fishy is going on...  It might be worth notifying the user
about that.  If nothing else it gives them a chance to manually clean
up the mess that mutt wasn't able to clean up.

Most failures like that are at least worth notifying the user about.

~Kyle
--
Selfishness is not living as one wishes to live, it is asking others to live as one wishes to live.
                                                       -- Oscar Wilde

Attachment: pgpbthLN3ngzD.pgp
Description: PGP signature