[Mono-list] VFAT vs Unix filesystems...

Juli Mallett jmallett@FreeBSD.ORG
Wed, 8 Jan 2003 15:30:08 -0800


* De: Simon Waite <simon@psionics.demon.co.uk> [ Data: 2003-01-08 ]
	[ Subjecte: Re: [Mono-list] VFAT vs Unix filesystems... ]
> I maintain the premise that dumbing down the DLL search method is a
> "Bad Idea"(tm) - depending on which strategy you use to lookup
> MyAssembly.dll.
> 
> For instance a malicious user could insert MYASSEMBLY.DLL into the 
> search path, and override the assembly the app is taking. - Possibly
> with disasterous concequences.

If your search path is vulnerable in this way, there are most likely other
things they can do, and if not then there may be at some point.

The security concerns for data files are the only ones vaguely real, since
using /tmp for this sort of thing may be valid.

juli.
-- 
Juli Mallett <jmallett@FreeBSD.org>
AIM: BSDFlata -- IRC: juli on EFnet.
OpenDarwin, Mono, FreeBSD Developer.
ircd-hybrid Developer, EFnet addict.
FreeBSD on MIPS-Anything on FreeBSD.