On 8/5/05, Lupe Christoph <lupe@xxxxxxxxxxxxxxxxx> wrote: > > I still don't understand why this is a problem. If it were a problem, it > would be one of humongous dimensions because it affects all programs > that use open(..., 0666) to create non-executable files potentially > containing sensitive contents. In cases where a "secure" file has permissions degraded yes, for example CAN-2005-1920 where an editor was creating a a backup with less secure permissions than the original. > For example all editors. And all shells > because any redirection could create such a file. Permission handling in shells is generally accepted to be insecure due to other issues such as lack of atomicity. Imran
