Re: Uploaded devscripts 2.0.0 (source all) to master
>> "JT" == James Troup <firstname.lastname@example.org> writes:
JT> email@example.com (Julian Gilbey) writes:
>> debchange runs with no special privileges, so I haven't taken
>> precautions against /tmp exploits.
JT> *bang *bang *bang* *bang*
JT> FFS, What kind of attitude is that? Oh, I was only running as
JT> non-root, so the fact someone hosed a critically file to my life,
JT> is no problem whatsoever?
I am also not sure what the problem is. Somone pointed out, that if
the situation is:
ln -s abc def
then writing to def would host abc. Ok so far.
I would program this so:
if not successfull then bail out
if not successfull than bail out
write to def
Is this unsave? Why?