D7146: Fix information leak via /tmp
Thomas Posch
noreply at phabricator.kde.org
Mon Aug 7 16:22:07 UTC 2017
thomasp added inline comments.
INLINE COMMENTS
> notification.cpp:69
> + QFile iconfile(mIconPath);
> + iconfile.setPermissions(QFileDevice::ReadOwner | QFileDevice::WriteOwner);
> +
The file is created and filled with a FileTransferJob. Setting the file permission after the job has finished does not help privacy. Please set the permissions on the directory.
REPOSITORY
R224 KDE Connect
REVISION DETAIL
https://phabricator.kde.org/D7146
To: nicolasfella, #kde_connect, apol
Cc: thomasp, apol, #kde_connect, albertvaka, tfella, aboudhar, seebauer, progwolff, MayeulC, menasshock, ach, hkaelberer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kdeconnect/attachments/20170807/0f75b3b7/attachment.html>
More information about the KDEConnect
mailing list