[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rawhide report: 20090523 changes



On Tue, 2009-05-26 at 19:12 +0200, Till Maas wrote:
> On Di Mai 26 2009, Bill Nottingham wrote:
> > Kevin Kofler (kevin kofler chello at) said:
> > > Yet another insecure temporary file vulnerability. Why do we still not
> > > polyinstantiate /tmp by default? We're wasting lots of time on security
> > > measures which keep breaking apps such as SELinux, but simple things like
> > > polyinstantiation are still not used, why? This code would be perfectly
> > > safe if polyinstantiation was mandatory. Why are we stuck in the 1970s?
> >
> > ... send patches? It's techncially feasible, but no one's done the
> > legwork to integrate it fully yet.
> 
> It is already done on the Fedorapeople server:
> https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs

Hey, nice.

That should really be an F12 feature.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]