rawhide report: 20090523 changes
Matthias Clasen
mclasen at redhat.com
Tue May 26 18:04:37 UTC 2009
On Tue, 2009-05-26 at 19:12 +0200, Till Maas wrote:
> On Di Mai 26 2009, Bill Nottingham wrote:
> > Kevin Kofler (kevin.kofler at chello.at) said:
> > > Yet another insecure temporary file vulnerability. Why do we still not
> > > polyinstantiate /tmp by default? We're wasting lots of time on security
> > > measures which keep breaking apps such as SELinux, but simple things like
> > > polyinstantiation are still not used, why? This code would be perfectly
> > > safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
> >
> > ... send patches? It's techncially feasible, but no one's done the
> > legwork to integrate it fully yet.
>
> It is already done on the Fedorapeople server:
> https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs
Hey, nice.
That should really be an F12 feature.
More information about the fedora-devel-list
mailing list