|
From: | Richard Stallman |
Subject: | Re: creating backups in temporary directories |
Date: | Sun, 09 Sep 2007 21:12:31 -0400 |
> Worse yet: creating backup files in /tmp would be a security hole: > some other user seeing you're currently editing /tmp/foo could create > a symlink /tmp/foo~ to some interesting place and then when you save your > file the backup could be placed at that interesting place chosen by > the attacker. > Is that equally true for any directory that others can write? Yes. This means that the practice of not making backup files in /tmp is not a solution for the problem. Is there any solution? (I think the motive for not making backup files in /tmp was just that it seemed pointless.)
[Prev in Thread] | Current Thread | [Next in Thread] |