| September 11 2017 | File::Path Security | Back Next |
Version 1.99_01 introduced discussion of race conditions
RACE CONDITIONS
There are race conditions internal to the implementation of rmtree()
making it unsafe to use on directory trees which may be altered or
moved while rmtree() is running, and in particular on any directory
trees with any path components or subdirectories potentially writable
by untrusted users.
Additionally, if the skip_others parareter is not set (or the
third parameter in the traditional inferface is not TRUE) and
rmtree() is interrupted, it may leave files and directories with
permissions altered to allow deletion.
Begs the question:
What proportion of all directory trees have path components or subdirectories *not* potentially writable by untrusted users?
| Home Last TOC | Copyright © 2017 James E Keenan | Back Next |