Bug#496361: The possibility of attack with the help of symlinks in some Debian packages

To: "Dmitry E. Oboukhov" <dimka@uvw.ru>, 496361@bugs.debian.org
Subject: Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
From: Rene Engelhard <rene@debian.org>
Date: Mon, 25 Aug 2008 06:17:38 +0200
Message-id: <[🔎] 20080825041738.GH29434@rene-engelhard.de>
Reply-to: Rene Engelhard <rene@debian.org>, 496361@bugs.debian.org
In-reply-to: <[🔎] 20080825041338.GG29434@rene-engelhard.de>
References: <[🔎] E1KXJxw-0004HA-7s@nbw.dhome.lan> <[🔎] 20080825041338.GG29434@rene-engelhard.de>

Hi again,

Rene Engelhard wrote:
> I so far thought mktemp was safe enough? (of course, we get
> senddoc.mutt.<number>, but...

Sorry, missed the final sentence: What do you propose instead?

Regards,
 
Rene

Reply to:

References:
- Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
  - From: "Dmitry E. Oboukhov" <dimka@uvw.ru>
- Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
  - From: Rene Engelhard <rene@debian.org>

Prev by Date: Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
Next by Date: Bug#496480: openoffice.org_1:3.0.0~ooo300m3-2(experimental/i386/demosthenes): gcj-dbtool: command not found
Previous by thread: Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
Next by thread: Bug#496361: The possibility of attack with the help of symlinks in some Debian packages
Index(es):
- Date
- Thread