Vincent Lefevre <vinc...@vinc17.net> writes: > On 2016-09-08 08:44:54 -0700, Russ Allbery wrote:
>> That's a little better but not a lot better. It means that it's still >> unsafe to run any script out of a world-writeable directory such as >> /tmp, even if the sticky bit is set. > Running things in /tmp or its subdirectories is prone to security > bugs people do not care to fix. And yet, sadly, people do it all the time. :( -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
