Hi. On Thu, 16 Aug 2007 11:38:21 -0400, Steve Dickson wrote: > > If you let it through, it can create a file with random mode. Say > > if a root process creates a file with 4777 perms, do you really > > want to risk that while that process is scheduled away somebody > > copies a shell into that file and runs it? > Again.. just fail the open and put the decision of what to do in the > hands of the app... where it belongs... I agree with that. Tell the application "Sorry Dave, I can't let you do that", and let the application deal with that. If the application has no proper error handling for open calls, that is definitely the applications problem. The open call could have failed for other reasons, too. I do not see how creat-without-mode is a fundamentally different case from, for example, insufficient permissions. The applications tries something it is not allowed to do, so fail the call (and print fat, ugly warnings to the console), and let the application deal with the consequences. -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
