Comment 6 for bug 250400
Revision history for this message
| James Westby (james-w) wrote Re: package ssl-cert 1.0.14-0ubuntu2.1 failed to install/upgrade: | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Hi,
/tmp is a really bad idea and a security hole, if the name .rnd is
used at least.
I think having it shared between users would perhaps be a security
hole as well.
Having it use a proper tmpfile may be possible, but it may still be at
risk.
I'm not sure the file is required though, so it may be possible to not
fail if the file can't be created, I'm not sure.
Thanks,
James