Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta

From: Branko Čibej <brane_at_xbc.nu>
Date: 2002-12-04 19:39:48 CET

Matt Kraai wrote:

>On Wed, Dec 04, 2002 at 07:22:40PM +0100, Branko ??ibej wrote:
>
>
>>Matt Kraai wrote:
>>
>>
>>>This use of tempnam is insecure.
>>>
>>>
>>>
>>Why should I care about that in a test program? This code is not part of
>>the Subversion libraries.
>>
>>
>
>Because people who test Subversion are vulnerable.
>
Oh yes, how could I be so stupid? It's totally natural to run
random-test as root, in a loop, and of course the file it opens using
tempnam is piped immediately to a shell.

If you want to rewrite random-test, be my guest.

-- 
Brane Čibej   <brane_at_xbc.nu>   http://www.xbc.nu/brane/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Dec 4 19:40:51 2002

This message: [ Message body ]
Next message: Tim Moloney: "0.16 tag"
Previous message: Karl Fogel: "Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta"
In reply to: Matt Kraai: "Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta"
Next in thread: Karl Fogel: "Re: svn commit: rev 3973 - trunk/subversion/tests/libsvn_delta"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]