On Mon, Mar 31, 2014 at 6:35 PM, Linda Walsh
No, it wasn't.
The first and main issue was (from https://lwn.net/Articles/482544/):
On systems that have user-writable directories on the same partition as system files, a long-standing class of security issues is the hardlink-based time-of-check-time-of-use race, most commonly seen in world-writable directories like /tmp.
Yes, the problem here is that all systems (except those partitioned excessively and paranoically as in one partition per user) have user-writeable system partitions. /tmp is a good example that didn't change, you also have /var/spool (you've got many daemons that can write there and thus, if you manage to compromise them, compromise the whole system in turn). I could probably find other examples - thing is, this protection was necessary before, and still is. Also... I didn't see in the OP any proposal to improve the current state.
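An audit sketch for the condition discussed in this message, added here as an example and not part of the original mail: it lists which user-writable directories share a filesystem with system directories and whether the hardlink protection is switched on. It assumes the protection in question is the Linux `fs.protected_hardlinks` sysctl; the directory lists and function names are illustrative choices.

```python
import os

# Illustrative defaults (assumptions); adjust to the host being audited.
USER_WRITABLE = ["/tmp", "/var/tmp", "/var/spool"]
SYSTEM_DIRS = ["/etc", "/bin", "/sbin", "/usr/bin"]


def read_sysctl(name, proc_root="/proc/sys"):
    """Return a sysctl such as fs.protected_hardlinks as int, or None if unreadable."""
    path = os.path.join(proc_root, *name.split("."))
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None


def _device(path):
    try:
        return os.stat(path).st_dev
    except OSError:
        return None


def shared_filesystems(writable=USER_WRITABLE, system=SYSTEM_DIRS):
    """Return sorted (writable_dir, system_dir) pairs on the same device.

    Hard links cannot cross filesystems, so only these pairs are candidates
    for the hardlink-based race.
    """
    pairs = []
    for w in writable:
        wdev = _device(w)
        if wdev is None:
            continue
        pairs.extend((w, s) for s in system if _device(s) == wdev)
    return sorted(pairs)


def audit(writable=USER_WRITABLE, system=SYSTEM_DIRS, proc_root="/proc/sys"):
    """Summarise exposure: shared filesystems with the protection not set to 1."""
    hard = read_sysctl("fs.protected_hardlinks", proc_root)
    pairs = shared_filesystems(writable, system)
    return {"protected_hardlinks": hard, "shared": pairs,
            "exposed": bool(pairs) and hard != 1}


if __name__ == "__main__":
    print(audit())
```
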