Re: Upcoming change to perl: current directory in @INC

To: debian-devel@lists.debian.org
Subject: Re: Upcoming change to perl: current directory in @INC
From: Vincent Lefevre <vincent@vinc17.net>
Date: Fri, 9 Sep 2016 14:15:12 +0200
Message-id: <[🔎] 20160909121512.GC18696@zira.vinc17.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 87twdq4cqx.fsf@hope.eyrie.org>
References: <20160829133947.GA9221@themisto.larted.org.uk> <[🔎] CANBHLUjOauXfUYK29uFoN88yznKLSjKR167_3ECgMQWummSAOw@mail.gmail.com> <[🔎] 20160908110421.gjmzn576vg6vxtbp@exolobe3> <[🔎] 87twdq4cqx.fsf@hope.eyrie.org>

On 2016-09-08 08:44:54 -0700, Russ Allbery wrote:
> That's a little better but not a lot better.  It means that it's still
> unsafe to run any script out of a world-writeable directory such as /tmp,
> even if the sticky bit is set.

Running things in /tmp or its subdirectories is prone to security
bugs people do not care to fix.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

Follow-Ups:
- Re: Upcoming change to perl: current directory in @INC
  - From: Russ Allbery <rra@debian.org>

References:
- Re: Upcoming change to perl: current directory in @INC
  - From: Dimitri John Ledkov <xnox@debian.org>
- Re: Upcoming change to perl: current directory in @INC
  - From: Lars Wirzenius <liw@liw.fi>
- Re: Upcoming change to perl: current directory in @INC
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Bug#837159: ITP: python-udatetime -- Fast RFC3339 compliant date-time library
Next by Date: Re: Uploading existing source but with different size
Previous by thread: Re: Upcoming change to perl: current directory in @INC
Next by thread: Re: Upcoming change to perl: current directory in @INC
Index(es):
- Date
- Thread