[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide report: 20090523 changes



Kevin Kofler (kevin kofler chello at) said: 
> Yet another insecure temporary file vulnerability. Why do we still not
> polyinstantiate /tmp by default? We're wasting lots of time on security
> measures which keep breaking apps such as SELinux, but simple things like
> polyinstantiation are still not used, why? This code would be perfectly
> safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?

... send patches? It's techncially feasible, but no one's done the
legwork to integrate it fully yet. (xguest goes a bit beyond what
we'd want by default.)

Bill


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]