mirror of
https://github.com/libsdl-org/SDL.git
synced 2026-06-21 05:26:03 +00:00
ef1fdf11bd
If we write directly to filenames in /tmp, we're subject to time-of-check/time-of-use symlink attacks on most systems (although recent Linux kernels mitigate these by default). We can avoid these attacks by securely creating a directory owned by our own uid, and doing all our file I/O in that directory. Other uids cannot create symbolic links in that directory, so we are protected from symlink attacks. This does not protect us from an attacker that is running with the same uid, but if such an attacker exists, then we have already lost. Resolves: https://github.com/libsdl-org/SDL/issues/11887 Signed-off-by: Simon McVittie <smcv@collabora.com> |
||
|---|---|---|
| .. | ||
| cocoa | ||
| dummy | ||
| unix | ||
| windows | ||
| SDL_tray_utils.c | ||
| SDL_tray_utils.h | ||