On Tue, May 5, 2009 at 2:11 AM, ERG Consultant <erg_consult...@yahoo.com> wrote: > I am fully aware of the security issues having already written several helper > tools. Stating that a temp text file written to /tmp is a security hole is > really stretching it a bit.
I didn't say it was a security hole. I said it opened up a class of security vulnerabilities; you can avoid these by doing things right. One of the most important things is to make sure your files are created with permissions that do not allow others to write to those files. This is a bit of a problem because PackageMaker sets those permissions for you based on what you specify in the BOM. --Kyle Sluder _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
