Quick Links

Re: pg_dump -Ft failed on Windows XP

From:	Peter Eisentraut <peter_e(at)gmx(dot)net>
To:	pgsql-hackers(at)postgresql(dot)org
Cc:	"Magnus Hagander" <mha(at)sollentuna(dot)net>, "Yoshiyuki Asaba" <y-asaba(at)sraoss(dot)co(dot)jp>
Subject:	Re: pg_dump -Ft failed on Windows XP
Date:	2006-04-20 10:45:26
Message-ID:	200604201245.27186.peter_e@gmx.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Am Donnerstag, 20. April 2006 10:47 schrieb Magnus Hagander:
> Indeed, that's definitly a bug. Quick patch attached. It does appear to
> work, but there may be a better way?

This patch introduces a security hole because an attacker could create, say, a
suitable symlink between the time the name is generated and the file is
opened.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

In response to

Re: pg_dump -Ft failed on Windows XP at 2006-04-20 08:47:56 from Magnus Hagander

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Bruce Momjian	2006-04-20 11:02:01	Unresolved Win32 bug reports
Previous Message	Bruce Momjian	2006-04-20 10:34:24	Re: float8 regression test failure in head