[Bug other/90195] GCC: Insecure Tmp Write(s) / Arbitrary Data Injection
pinskia at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Sat Apr 20 15:15:00 GMT 2019
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90195
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Use a TMPDIR env if you want to prevent other users from getting access to
files.
This is a minor security hole really because it allows a person with already
have access to do bad things. If you trust an user to have an user account
then you have to trust enough not do bad things.
More information about the Gcc-bugs
mailing list