On Mon, Feb 20, 2023, 4:34 PM Stefan Monnier
wrote:
> > Just to be clear, this condition should be checked before emacs is
> > willing to use the temporary directory in question. No unprivileged
> > user should be able to overwrite a directory entry the uid of the
> > emacs process creates at
On Mon, Feb 20, 2023 at 11:02 AM Stefan Monnier
wrote:
> > So I guess one could remove the file after the first creation and make
> > it a link pointing to some other file waiting for libgccjit to do
> > its write.
>
> "One" as in "an attacker"? In `/tmp` an attacker should not be able to
> do
2 matches
Mail list logo