|
From: | Richard Stallman |
Subject: | Re: creating backups in temporary directories |
Date: | Sat, 08 Sep 2007 15:48:09 -0400 |
Worse yet: creating backup files in /tmp would be a security hole: some other user seeing you're currently editing /tmp/foo could create a symlink /tmp/foo~ to some interesting place and then when you save your file the backup could be placed at that interesting place chosen by the attacker. Is that equally true for any directory that others can write?
[Prev in Thread] | Current Thread | [Next in Thread] |