tempfile used by kcmlisa
Waldo Bastian
bastian at kde.org
Sun Nov 17 00:03:40 GMT 2002
kcmlisa creates a tempfile in /tmp which could theoretically be abused by a
symlink attack to overwrite a file of the user.
This patch fixes that. It also makes sure that the tempfile gets deleted in
case e.g. kcmshell exits before the saveDone slot is called.
Please review. Thanks to Per Winkvist for pointing out the problem.
Cheers,
Waldo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kcmlisa.patch
Type: text/x-diff
Size: 1949 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20021117/99d8a842/attachment.patch>
More information about the kde-core-devel
mailing list