On Di Mai 26 2009, Bill Nottingham wrote: > Kevin Kofler (kevin.kofler@xxxxxxxxx) said: > > Yet another insecure temporary file vulnerability. Why do we still not > > polyinstantiate /tmp by default? We're wasting lots of time on security > > measures which keep breaking apps such as SELinux, but simple things like > > polyinstantiation are still not used, why? This code would be perfectly > > safe if polyinstantiation was mandatory. Why are we stuck in the 1970s? > > ... send patches? It's techncially feasible, but no one's done the > legwork to integrate it fully yet. It is already done on the Fedorapeople server: https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs Regards Till
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
