On Mon, Feb 26, 2001 at 06:09:30PM +0100, Stefan Eilers wrote:
> I know this solution.
> But I think it should be the default way to protect tempfiles against
> other users in the system and not a nice option for paranoid people. Or
> do you think the ordinary lyx user want to be observable ?
> Therefore I thought of a solution which was included into the sources of
> lyx. A special startup script is ok (and the simplest way), but I think
> it should be included into the default package...
We only need to change one line in CreateTmpDir (in support/filetools.C)
- if (tmpfl.empty() || lyx::mkdir(tmpfl, 0777)) {
+ if (tmpfl.empty() || lyx::mkdir(tmpfl, 0700)) {
(in fact, we should use S_IRUSR | S_IWUSR | S_IXUSR)
I don't see a reason for not making this change.
- Security problem im temp directory. Stefan Eilers
- Re: Security problem im temp directory. John Levon
- Re: Security problem im temp directory. Juergen Vigna
- Re: Security problem im temp directory. Kayvan A. Sylvan
- Re: Security problem im temp directory. Stefan Eilers
- Re: Security problem im temp directory. Dekel Tsur
- Re: Security problem im temp directo... Jean-Marc Lasgouttes
- Re: Security problem im temp directory. John Levon
- Re: Security problem im temp directo... Stefan Eilers
- Re: Security problem im temp di... Andre Poenitz
- Re: Security problem im tem... Lars Gullik Bj�nnes
- Re: Security problem im... Andre Poenitz
- Re: Security problem im temp directory. Kayvan A. Sylvan
- Re: Security problem im temp directo... John Levon
- Re: Security problem im temp di... Kayvan A. Sylvan
