might as well patch the configure script (which has the 0777) so that the test during configure is the same as during the application runtime ;-) -- Todd Fries .. todd@xxxxxxxxx (last updated $ToddFries: signature.p,v 1.2 2002/03/19 15:10:18 todd Exp $) Penned by Michael Natterer on Wed, Jun 12, 2002 at 02:37:08PM +0200, we have: | David Fries <dfries@xxxxxxxxxxxx> writes: | | > Currently the shared memory region that gimp uses to communicate to | > and from plugins is readable and writable by every user on the system. | > This is not good. I don't know what data or control information gimp | > puts in this shared region, but someone could at least view or corrupt | > your working image. Anyway it isn't too hard to fix. | > | > As far as I know plugins can only be run as the same user id as the | > gimp. Unless this isn't the case the following patch needs to be | > applied. | | Yes, the plug-ins are simply forked and thus have the same uid. | The patch looks like the right thing to do to me. If nobody objects | for some reason, it will be applied to both the stable and unstable | trees. | | thanks for spotting this, | --mitch
