[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide report: 20090523 changes



On Di Mai 26 2009, Bill Nottingham wrote:
> Kevin Kofler (kevin kofler chello at) said:
> > Yet another insecure temporary file vulnerability. Why do we still not
> > polyinstantiate /tmp by default? We're wasting lots of time on security
> > measures which keep breaking apps such as SELinux, but simple things like
> > polyinstantiation are still not used, why? This code would be perfectly
> > safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
>
> ... send patches? It's techncially feasible, but no one's done the
> legwork to integrate it fully yet.

It is already done on the Fedorapeople server:
https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs

Regards
Till

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]