A little more tricky with the symlink, probably needs a re-review
Michal
Dňa 30.09.2011 09:23, Jiri Moskovcak wrote / napísal(a):
The patch looks ok (please push it), but could you please also add a
check for symlinks - if the target file is symlink warn user about that
and ask if he wants to continue and if it's not in "slave mode" just
refuse to write if the target is a symlink - so we avoid the symlink
vulnerability when run as post-create event.
Thank you,
Jirka
On 09/12/2011 03:51 PM, Michal Toman wrote: