Insecure temporary file creation
openTempFile and openBinaryTempFile (in libraries/base/GHC/Handle.hs) create temporary files with predictable names, making a symlink attack possible.
Trac metadata
Trac field | Value |
---|---|
Version | 6.6 |
Type | Bug |
TypeOfFailure | OtherFailure |
Priority | normal |
Resolution | Unresolved |
Component | libraries/base |
Test case | |
Differential revisions | |
BlockedBy | |
Related | |
Blocking | |
CC | |
Operating system | Multiple |
Architecture | Multiple |