Re: rawhide report: 20090523 changes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rawhide Report wrote:
> - Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).

Yet another insecure temporary file vulnerability. Why do we still not
polyinstantiate /tmp by default? We're wasting lots of time on security
measures which keep breaking apps such as SELinux, but simple things like
polyinstantiation are still not used, why? This code would be perfectly
safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?

        Kevin Kofler

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux