tempfile used by kcmlisa

Waldo Bastian bastian at kde.org
Sun Nov 17 00:03:40 GMT 2002


kcmlisa creates a tempfile in /tmp which could theoretically be abused by a 
symlink attack to overwrite a file of the user. 

This patch fixes that. It also makes sure that the tempfile gets deleted in 
case e.g. kcmshell exits before the saveDone slot is called.

Please review. Thanks to Per Winkvist for pointing out the problem.

Cheers,
Waldo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kcmlisa.patch
Type: text/x-diff
Size: 1949 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20021117/99d8a842/attachment.patch>


More information about the kde-core-devel mailing list