Date: Sat, 26 Jan 2008 23:55:01 -0800 From: Tim Kientzle <kientzle@freebsd.org> To: Yar Tikhiy <yar@freebsd.org> Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src UPDATING src/include fts.h src/lib/libc/gen Makefile.inc Symbol.map fts-compat.c fts-compat.h fts.3 fts.c src/sys/sys param.h Message-ID: <479C38D5.3050901@freebsd.org> In-Reply-To: <200801261709.m0QH9f2D024309@repoman.freebsd.org> References: <200801261709.m0QH9f2D024309@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Yar Tikhiy wrote: > Our fts(3) API, as inherited from 4.4BSD, suffers from integer > fields in FTS and FTSENT structs being too narrow. In addition, > the narrow types creep from there into fts.c. As a result, fts(3) > consumers, e.g., find(1) or rm(1), can't handle file trees an ordinary > user can create, which can have security implications. Kudos! It's about time we fixed this. The inability of 'rm' to clean up my test trees for libarchive has become a bit tiresome. ;-) Tim Kientzle
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?479C38D5.3050901>