[PATCH] Unsafe usage of /tmp in artscontrol
bastian at kde.org
Sun Nov 17 12:14:56 GMT 2002
artscontrol can, on request of the user, save to /tmp/default.arts-env. This
is unsafe, because a symlink attack could trick the user into overwriting one
of his own files.
The following patch replaces /tmp/default.arts-env with ~/default.arts-env
Thanks to Per Winkvist for pointing out the problem.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2158 bytes
Desc: not available
More information about the kde-multimedia