diff options
author | David Adam <zanchey@ucc.gu.uwa.edu.au> | 2014-04-20 23:51:20 +0800 |
---|---|---|
committer | David Adam <zanchey@ucc.gu.uwa.edu.au> | 2014-04-28 10:42:00 +0800 |
commit | 55bc4168bf019374422807038d32bc3147dd94f6 (patch) | |
tree | bac2dd63131233997186dcccd8f11564f44c55b4 /doc_src/set.txt | |
parent | ba1b5e34a77369e28ff563e47c088c55664a8a11 (diff) |
use mktemp(1) to generate temporary file names
Fix for CVE-2014-2906.
Closes a race condition in funced which would allow execution of
arbitrary code; closes a race condition in psub which would allow
alternation of the data stream.
Note that `psub -f` does not work (#1040); a fix should be committed
separately for ease of maintenance.
Closes #1437
Diffstat (limited to 'doc_src/set.txt')
0 files changed, 0 insertions, 0 deletions