Date: Fri, 14 Aug 1998 14:26:05 -0600 From: Warner Losh <imp@village.org> To: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> Cc: freebsd-questions@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: Found reason why lpr -r -s doesn't work as expected Message-ID: <199808142026.OAA17025@harmony.village.org> In-Reply-To: Your message of "Fri, 14 Aug 1998 20:07:22 %2B0200." <199808141807.UAA13224@internal> References: <199808141807.UAA13224@internal>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199808141807.UAA13224@internal> Andre Albsmeier writes: : if (strchr(line+1, '/')) : continue; : This disables the removement of files starting with '/'. This was : introduced in version 1.14 according to the CVS log. However, I didn't : find an explanation why this change was made. Is it a security hole? Without this fix, people could remove any file on your system by having remote print access. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808142026.OAA17025>