On Tue, 2009-05-12 at 12:54 +0200, Olivier Berger wrote: > Le mardi 12 mai 2009 à 00:49 +0100, Stanley Pilton a écrit : > > and the file it's attempting to open in /tmp/amanda is called > > "/tmp/amanda/cheddar.pri._fs_sw.0.errout". I don't think the path > > "/tmp/amanda" should be hardcoded, since that path may already exist > > and be owned by another user (as is the case here). > > > > This may even lead the way to a security threat through symlinks attack, > maybe ?
No, because the only use of this directory is for write-only debugging information. As indicated in my last reply to this thread, that is on by default but can be disabled or moved to some other directory using the config file. Bdale -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
