Author neologix
Recipients benjamin.peterson, christian.heimes, georg.brandl, hynek, larry, milko.krachounov, neologix, pitrou, tarek
Date 2013-02-22.19:29:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1361561382.77.0.438829467087.issue17180@psf.upfronthosting.co.za>
In-reply-to
Content
> Shouldn't you try to make the permission removal atomic?
> Otherwise there's a window of opportunity to exploit the suid bit.

Actually there's already a race even without setuid bit: http://bugs.python.org/issue15100

All metadat should be set atomically.
History
Date User Action Args
2013-02-22 19:29:42neologixsetrecipients: + neologix, georg.brandl, pitrou, larry, christian.heimes, benjamin.peterson, tarek, milko.krachounov, hynek
2013-02-22 19:29:42neologixsetmessageid: <1361561382.77.0.438829467087.issue17180@psf.upfronthosting.co.za>
2013-02-22 19:29:42neologixlinkissue17180 messages
2013-02-22 19:29:42neologixcreate