Le mardi 12 mai 2009 à 00:49 +0100, Stanley Pilton a écrit : > and the file it's attempting to open in /tmp/amanda is called > "/tmp/amanda/cheddar.pri._fs_sw.0.errout". I don't think the path > "/tmp/amanda" should be hardcoded, since that path may already exist > and be owned by another user (as is the case here). >
This may even lead the way to a security threat through symlinks attack, maybe ? My 2 cents, -- Olivier BERGER <olivier.ber...@it-sudparis.eu> http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC Ingénieur Recherche - Dept INF Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
