> > The disk usage monitor that comes with AfterStep (asfsm) overwrites > > /usr/tmp/statfs regularly as whoever launched it, allowing the typical > > symlink crap we've come to expect, including a possible DoS if run as > > root. > > Which version? Have you contacted the developers first?! 1.4.x (haven't checked 1.0, or 1.5pre). I posted to the as list before writing here, that post also told them that it would be posted here. It's a small enough bell/whistle that most of the world should be able to live without it until it's patched (not that that should take long). Kris Coward
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:26 PDT