D12513: CVE-2018-10361: privelege escalation
Christoph Cullmann
noreply at phabricator.kde.org
Wed Apr 25 10:14:44 UTC 2018
cullmann added a reviewer: dfaure.
cullmann added a comment.
The only thing that is unclear:
Shall we use the target dir for the tempfile with
QTemporaryFile tempFile(targetFileInfo.absolutePath() + QStringLiteral("/secureXXXXXX"));
or shall we keep in in the normal tempdir? That would make atomic rename "unlikely" to work.
REPOSITORY
R39 KTextEditor
REVISION DETAIL
https://phabricator.kde.org/D12513
To: cullmann, maximilianocuria, dfaure
Cc: cullmann, #frameworks, michaelh, kevinapavew, ngraham, bruns, demsking, sars, dhaumann
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20180425/552f69a3/attachment.html>
More information about the Kde-frameworks-devel
mailing list