Adam,

On 03/20/2015 05:19 PM, Adam D. Barratt wrote:
> The latter's potentially a fairly important point. One of the reasons
> that insecure tempfile handling is an issue is that if you write to or
> truncate a file in /tmp and that file is a symlink to another file the
> result can be that the destination file is modified.

I appreciate your feedback. Given Rebecca's answers, these are valid
concerns that should be addressed.

However, they seem unrelated to this unblock request. So I'm not sure
how you want me to proceed. I'd still prefer to get this first
mitigation patch through. It got applied upstream, so it already has
some testing mileage. I see no point in delaying it on the grounds that
it fixes only one and not all issues. It certainly didn't introduce any
of the issues you're pointing out.

Regards

Markus Wanner
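
The symlink problem described in the quoted paragraph, shown as an added example that is not part of this message or of the patch under discussion. The file names are constructed, and a private scratch directory stands in for /tmp.

```python
import os
import tempfile


def naive_write(path, data):
    """Unsafe pattern: open(..., "w") follows a symlink at `path`
    and truncates whatever file the link points to."""
    with open(path, "w") as fh:
        fh.write(data)


def exclusive_write(path, data):
    """Hardened pattern: O_CREAT|O_EXCL fails if any directory entry
    already exists under this name, a symlink included."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)


def read_text(path):
    with open(path) as fh:
        return fh.read()


def demo():
    """Return (target after exclusive attempt, exclusive attempt refused,
    target after naive write)."""
    with tempfile.TemporaryDirectory() as sandbox:  # stands in for /tmp
        target = os.path.join(sandbox, "important.conf")  # constructed name
        predictable = os.path.join(sandbox, "app.tmp")    # constructed name
        with open(target, "w") as fh:
            fh.write("original\n")
        # Another local user has pre-created the predictable name as a link.
        os.symlink(target, predictable)

        refused = False
        try:
            exclusive_write(predictable, "scratch\n")
        except FileExistsError:
            refused = True
        after_exclusive = read_text(target)

        naive_write(predictable, "scratch\n")
        after_naive = read_text(target)
        return after_exclusive, refused, after_naive


if __name__ == "__main__":
    print(demo())
```

Where the name does not have to be fixed, `tempfile.mkstemp()` combines the exclusive create with an unpredictable name.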

