[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: many packages write to `temporary-file-directory' insecurely

From: Stefan Monnier
Subject: Re: many packages write to `temporary-file-directory' insecurely
Date: Tue, 05 Mar 2002 10:20:37 -0500

> Richard Stallman <address@hidden> writes:
> |> If /var/games is treated just like /tmp, meaning anyone can create a
> |> file in it, then it will raise the same security issues as /tmp.  We
> |> could perhaps use the code that Al Petrovsky sent, if that is correct.
> The convention for /var/games is that it is writable for a special group
> (game) only, and any program wanting to have access to it must be setgid
> game.

Which is not an option for Emacs.  I'd much rather have something like
/var/games/emacs-scores owned by root and only writable by root
with a file /var/games/emacs-scores/snake that's world-writable.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]