From owner-freebsd-hackers  Sun Jun 16 20:56: 3 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from parhelion.firedrake.org (parhelion.firedrake.org [212.135.138.219])
	by hub.freebsd.org (Postfix) with ESMTP id 6278237B405
	for <hackers@freebsd.org>; Sun, 16 Jun 2002 20:55:55 -0700 (PDT)
Received: from float by parhelion.firedrake.org with local (Exim 3.35 #1 (Debian))
	id 17JncN-0004iG-00; Mon, 17 Jun 2002 04:55:51 +0100
Date: Mon, 17 Jun 2002 04:55:51 +0100
To: void <float@firedrake.org>
Cc: hackers@freebsd.org
Subject: Re: security bug in /etc/rc in -STABLE?
Message-ID: <20020617035551.GB18088@parhelion.firedrake.org>
References: <20020613161739.GA25926@parhelion.firedrake.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020613161739.GA25926@parhelion.firedrake.org>
User-Agent: Mutt/1.3.28i
From: void <float@firedrake.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Thu, Jun 13, 2002 at 05:17:39PM +0100, void wrote:
> 
>  # Remove X lock files, since they will prevent you from restarting X11
>  # after a system crash.
>  #
> -rm -f /tmp/.X*-lock /tmp/.X11-unix/*
> +rm -f /tmp/.X*-lock
> +rm -fr /tmp/.X11-unix
> 
> Aren't both the old and new versions vulnerable to symlink attacks?

No.  From rm(1):

     The rm utility removes symbolic links, not the files referenced by
     the links.

-- 
 Ben

"An art scene of delight
 I created this to be ..."		-- Sun Ra

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message