Adam, On 03/20/2015 05:19 PM, Adam D. Barratt wrote: > The latter's potentially a fairly important point. One of the reasons > that insecure tempfile handling is an issue is that if you write to or > truncate a file in /tmp and that file is a symlink to another file the > result can be that the destination file is modified.
I appreciate your feedback. Given Rebecca's answers, these are valid concerns that should be addressed. However, they seem unrelated to this unblock request. So I'm not sure how you want me to proceed. I'd still prefer to get this first mitigation patch through. It got applied upstream, so it already has some testing mileage. I see no point in delaying it on the grounds that it fixes only one and not all issues. It certainly didn't introduce any of the issues you're pointing out. Regards Markus Wanner
signature.asc
Description: OpenPGP digital signature