Daemon News Ezine | BSD News | BSD Mall | BSD Support Forum | BSD Advocacy | BSD Updates |
Hi, I've discovered that mod_curb (ports/www/mod_curb) uses a ridiculously unsafe method to access a file in /tmp: file mod_curb.c, line 42: log = fopen( "/tmp/modcurb.log","a" ); The same issue exists in other software written by this author, but fortunately there's nothing more of it in ports. :) -- Jan Srzednicki w@xxxxxxxx