[Radiance-dev] Security issue - Insecure use of files in /tmp
Bernd Zeimetz
bernd at bzed.de
Thu Aug 14 01:28:00 PDT 2008
Randolph Fritz wrote:
> I don't understand the reasoning, here. Unless you're running Security-Enhanced Linux, if an "evil person" has an account on your system, system security is toast anyway--as the implementation of mktemp(3) (among many other features) shows, Unix was never designed to be secure against a determined attack by a malicious user.
These times are gone.... and gcc warns about the use of mktemp these
days. Even for an evil user it should not be possible to mess with
anything but his own account....
Bernd
--
Bernd Zeimetz Debian GNU/Linux Developer
GPG Fingerprint: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79
More information about the Radiance-dev
mailing list