From owner-freebsd-apache@FreeBSD.ORG Sun Jan 29 10:54:20 2006
X-Original-To: apache@freebsd.org
Delivered-To: freebsd-apache@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8FD0C16A420; Sun, 29 Jan 2006 10:54:20 +0000 (GMT) (envelope-from w@expro.pl)
Received: from mailin1.expro.pl (mailin1.expro.pl [193.25.166.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3017E43D48; Sun, 29 Jan 2006 10:54:19 +0000 (GMT) (envelope-from w@expro.pl)
Received: from miranda-1.dmz.exprozone ([10.0.16.20] helo=miranda.expro.pl) by mailin1.expro.pl with esmtp (Exim 4.50) id 1F3ACI-0002vL-2m for apache@freebsd.org; Sun, 29 Jan 2006 11:54:18 +0100
Received: by miranda.expro.pl (Postfix, from userid 1001) id 33EBA54818; Sun, 29 Jan 2006 11:54:18 +0100 (CET)
Date: Sun, 29 Jan 2006 11:54:18 +0100
From: Jan Srzednicki <w@expro.pl>
To: apache@freebsd.org
Message-ID: <20060129105418.GL34989@miranda.expro.pl>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.11
Subject: mod_curb ridiculously unsafe tmp file creation
X-BeenThere: freebsd-apache@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Support of apache-related ports
X-List-Received-Date: Sun, 29 Jan 2006 10:54:20 -0000

Hi,

I've discovered that mod_curb (ports/www/mod_curb) uses a ridiculously unsafe
method to access a file in /tmp:

file mod_curb.c, line 42:

    log = fopen( "/tmp/modcurb.log","a" );

The same issue exists in other software written by this author, but fortunately
there's nothing more of it in ports. :)

-- 
Jan Srzednicki
w@expro.pl
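The pattern Jan points at combines three weaknesses: a shared, world-writable directory (/tmp), a fixed and therefore predictable file name, and fopen(), which follows whatever already sits at that name (a symlink included) before it appends. Any local user can pre-create that name, and the process that later opens the log (httpd, frequently still privileged at that point) ends up appending to a file it never meant to touch. The following is an added example, not code from the mail or from mod_curb, showing the reported call next to a hardened opener. All names (open_log_unsafe, open_log_safely, log_dir_is_private, demo_checks) are this example's own; the hardened variant assumes the log lives in a directory private to the service (such as Apache's own log directory) rather than in /tmp, and uses O_NOFOLLOW plus a post-open fstat() check so that a symlink or a foreign file at the path is refused rather than written to.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The call reported in the mail, kept only for contrast: fixed name in the
 * shared /tmp, opened with fopen(), which follows symlinks and appends to
 * whatever the name currently points at. Do not use. */
FILE *open_log_unsafe(void) {
    return fopen("/tmp/modcurb.log", "a");
}

/* Returns 1 if dir is a directory owned by us (or root) that nobody else can
 * write to; a sticky, world-writable /tmp fails this on purpose. */
int log_dir_is_private(const char *dir) {
    struct stat st;
    if (stat(dir, &st) < 0 || !S_ISDIR(st.st_mode)) return 0;
    if (st.st_uid != geteuid() && st.st_uid != 0) return 0;
    return (st.st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Hardened append-only open. O_NOFOLLOW makes the kernel refuse a symlink at
 * the final component (ELOOP on Linux, EMLINK on FreeBSD); the fstat() on the
 * descriptor we actually hold then rejects anything that is not a regular
 * file we own and that nobody else can write. Returns an fd or -1. */
int open_log_safely(const char *path) {
    int fd = open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()
        || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Exercises the checks inside a private scratch directory created by
 * mkdtemp() (unpredictable name, mode 0700, which is the right way to use
 * /tmp when it cannot be avoided). Returns the number of expectations met;
 * 4 means every check behaved as intended. Everything here is constructed. */
int demo_checks(void) {
    char dir[] = "/tmp/curblogXXXXXX";
    if (mkdtemp(dir) == NULL) return -1;
    char good[512], link[512], target[512], shared[512];
    snprintf(good, sizeof good, "%s/app.log", dir);
    snprintf(link, sizeof link, "%s/evil.log", dir);
    snprintf(target, sizeof target, "%s/victim", dir);
    snprintf(shared, sizeof shared, "%s/shared", dir);
    int passed = 0;

    /* 1: a private directory is acceptable; 2: a sticky 1777 one is not. */
    passed += log_dir_is_private(dir) == 1;
    if (mkdir(shared, 0777) == 0 && chmod(shared, 01777) == 0)
        passed += log_dir_is_private(shared) == 0;

    /* 3: a fresh regular log in the private directory opens and takes a line. */
    int fd = open_log_safely(good);
    if (fd >= 0) {
        passed += write(fd, "started\n", 8) == 8;
        close(fd);
    }

    /* 4: a symlink planted where the log should be is refused and the file it
     * points at stays untouched (size still 0). */
    close(open(target, O_WRONLY | O_CREAT, 0600));
    if (symlink(target, link) == 0) {
        struct stat st;
        passed += open_log_safely(link) == -1 && stat(target, &st) == 0 && st.st_size == 0;
    }

    unlink(good); unlink(link); unlink(target); rmdir(shared); rmdir(dir);
    return passed;
}

int main(void) {
    int n = demo_checks();
    printf("%d of 4 checks behaved as intended\n", n);
    return n == 4 ? 0 : 1;
}
```

The post-open fstat() matters as much as O_NOFOLLOW: it checks the object actually opened, not the path string, so it is not fooled by a race between a lookup and the open. For a port the more durable fix is to move the log out of /tmp altogether and let Apache's ErrorLog directory and ownership conventions apply, with the directory check above run once at startup.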