Michael Orlitzky <m...@gentoo.org> writes:

> If so, the symlink should point to a superuser-only location to avoid
> creating any new vulnerabilities. We can't fix the general problem, but
> we could at least mention in the docs that symlinks will (now) be
> followed and that users should be careful if they want to maintain the
> files elsewhere.

I believe that the target directory of this cp can be considered
equivalent in terms of access to any superuser-only directory, so I'm
not sure I see the problem with this change.

Arsen Arsenović

Attachment: signature.asc
Description: PGP signature

Reply via email to