Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and previous versions allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.
/*
* Copyright Kevin Finisterre - ripped from my perl_exc
*
* ** DISCLAIMER ** I am in no way responsible for your stupidity
* ** DISCLAIMER ** I am in no way liable for any damages caused by compilation and or execution of this code
*
* ** WARNING ** DO NOT RUN THIS UNLESS YOU KNOW WHAT YOU ARE DOING ***
* ** WARNING ** overwriting /etc/ldsop ...