The patch looks ok (please push it), but could you please also add a
check for symlinks - if the target file is symlink warn user about that
and ask if he wants to continue and if it's not in "slave mode" just
refuse to write if the target is a symlink - so we avoid the symlink
vulnerability when run as post-create event.
Thank you,
Jirka
On 09/12/2011 03:51 PM, Michal Toman wrote: