diff options
| -rw-r--r-- | chapter06/ed-exp.xml | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/chapter06/ed-exp.xml b/chapter06/ed-exp.xml index 0914671f5..41e4d35e4 100644 --- a/chapter06/ed-exp.xml +++ b/chapter06/ed-exp.xml @@ -1,8 +1,10 @@ <sect2> <title>Command explanations</title> -<para>The sed commands fix a symlink vulnerability in ed. See -<ulink url="http://www.securityfocus.com/templates/advisory.html?id=3308"> -http://www.securityfocus.com/templates/advisory.html?id=3308</ulink> for -more information.</sect2> +<para>The sed commands fix a symlink vulnerability in ed. The ed +executable creates files in /tmp with predictable names. By using +various symlink attacks, it is possible to have ed write to files +it should not, change the permissions of various files, etc.</para> + +</sect2> |