Thomas Dickey wrote: > > is to make filename sit in a temporary directory under /tmp, not directly > > in /tmp ? > > For the truly paranoid, even that is not sufficient. Why? The creation of the temp directory cannot erase a file, and once the directory is created with mode 077, an attacker cannot place a symlink into it. What kind of attack is still possible with a temp directory with mode 077? Can you please explain? Bruno _______________________________________________ Autoconf mailing list Autoconf@xxxxxxx http://lists.gnu.org/mailman/listinfo/autoconf
