Date: Wed, 1 Nov 2017 19:02:22 +0100 From: Jakub Wilk <jwilk@...lk.net> To: oss-security@...ts.openwall.com Subject: Re: Fw: Security risk of vim swap files * Jeffrey Walton <noloader@...il.com>, 2017-11-01, 11:31: >Code and scripts certainly need to check TMPDIR Unfortunately, glibc's implementation of tmpfile(3), which is the most fool-proof interface for dealing with temporary files that the C library offers, doesn't honour TMPDIR. :( BTW, there's a preloadable library that catches writes to /tmp: https://github.com/paultag/tmperamental -- Jakub Wilk
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.