oss-sec mailing list archives
Re: Security risk of vim swap files
From: Ian Zimmerman <itz () very loosely org>
Date: Sun, 5 Nov 2017 22:15:44 -0800
On 2017-11-01 19:12, Solar Designer wrote:
On Wed, Nov 01, 2017 at 07:02:22PM +0100, Jakub Wilk wrote:
Unfortunately, glibc's implementation of tmpfile(3), which is the most fool-proof interface for dealing with temporary files that the C library offers, doesn't honour TMPDIR. :(We've been carrying a patch for this for ages:
Do you know why this has not been changed upstream? The code (and infopage) mentions "SVID compatibility". Do you know of any programs that break with this change? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet, fetch the TXT record for the domain.
Current thread:
- Re: Fw: Security risk of vim swap files, (continued)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
- Re: Fw: Security risk of vim swap files Tim (Oct 31)
- Re: Fw: Security risk of vim swap files Steffen Nurpmeso (Oct 31)
- Re: Fw: Security risk of vim swap files Leonid Isaev (Nov 01)
- Re: Fw: Security risk of vim swap files Simon McVittie (Nov 01)
- Re: Fw: Security risk of vim swap files Tim (Nov 01)
- Re: Fw: Security risk of vim swap files Jeffrey Walton (Nov 01)
- Re: Fw: Security risk of vim swap files Kurt Seifried (Nov 01)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Nov 01)
- Re: Fw: Security risk of vim swap files Solar Designer (Nov 01)
- Re: Security risk of vim swap files Ian Zimmerman (Nov 06)
- Re: Security risk of vim swap files Solar Designer (Nov 06)
- Re: Security risk of vim swap files Jakub Wilk (Nov 06)
- Re: Fw: Security risk of vim swap files Kurt H Maier (Oct 31)
- Re: Fw: Security risk of vim swap files Jakub Wilk (Nov 01)
- Re: Fw: Security risk of vim swap files Leonid Isaev (Nov 01)
- Re: Fw: Security risk of vim swap files Jan Pokorný (Nov 01)
- Re: Re: Fw: Security risk of vim swap files Michael Orlitzky (Nov 01)
- Re: Re: Fw: Security risk of vim swap files Florent Rougon (Nov 01)