https://bz.apache.org/bugzilla/show_bug.cgi?id=68983
--- Comment #1 from PJ Fanning <fannin...@yahoo.com> --- You can register your own TempFileCreationStrategy. https://github.com/apache/poi/blob/c960ee60709a4059796a13eec3b383ea4363f4fc/poi/src/main/java/org/apache/poi/util/TempFile.java#L44 I would be against reverting the changes to use the Java NIO codebase instead of the insecure java.io.File code. I would even be against having the code fall back to the insecure java.io.File code. If someone can provide a solution that only uses secure code then that is ok. Users can implement their own TempFileCreationStrategy and do whatever they please. ASF default code must be secure in all cases. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org For additional commands, e-mail: dev-h...@poi.apache.org
