On Thu, 4 Mar 2004 20:51:37 -0800, Jesse Keating wrote: > - --------------------------------------------------------------------- > Update Information: > > Symlink Vuln in Libtool: > The chmod has a race (that access to the temporary directory could be > gained after it is created but before it is chmoded) > - --------------------------------------------------------------------- As I've pointed out in the bug ticket, Red Hat Linux with default configuration is not vulnerable as it includes a modified libtool which uses mktemp to create the temporary file. It is only vulnerable, when mktemp is erased, breaking libtool's dependency on it. --
Attachment:
pgp00270.pgp
Description: PGP signature
