Code review comment for lp:~chipaca/snap-confine/unshare
Revision history for this message
| Tyler Hicks (tyhicks) wrote | # |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Note that the above issue is due to two things:
1) Predictable directory names used in /tmp
2) Continuing if mkdir(2) returns an error with errno set to EEXIST
This allows attackers to create symlinks in /tmp that the launcher follows.