[Opendnssec-user] svn r6114
Bernhard Reutner-Fischer
rep.dot.nop at gmail.com
Thu Feb 2 13:01:46 UTC 2012
On 2 February 2012 13:40, Matthijs Mekking <matthijs at nlnetlabs.nl> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Using mkstemp will not solve this attack, since you can do the same
> trick for /the/zone-name (without .tmp), or any other file location
If the target filename of the rename is a symlink, the symlink will be
overwritten.
But anyway, that spot caught my attention and prompted me to think
aloud, that's all :)
cheers,
More information about the Opendnssec-user
mailing list