On Mon, 27 Oct 2003 14:35:02 +1100, Brett Hutley said: > CALL STACK: > 1: accept_user_input(); /* validate user input here */ > 2: processing_loop_with_user_input(); /* rather than here */ Of course, validating in (1) rather than (2) introduces race conditions and the like (all sorts of TOCTOU issues, filesystem races, and the like), so you need to also be sure that what's validated in (1) is what's used in (2). Remember that most symlink races work *because* the checking is done in (1).
Attachment:
pgp00124.pgp
Description: PGP signature